Adding Users to a VPN Group

rkollar59 · ‎04-13-2005

Greetings,

I have recently configured a PIX515E with site-to-site and remote access(3DES/AES). My S2S and remote access tunnels are up and running fine. The Cisco VPN client my remote users are running is version 4.6.02.0011.

Just to get remote VPN access up-and-running I setup a VPN group GroupXYZ. All of my user's VPN clients are using this one group (I do plan segregate my users into multiple groups, at a later time).

Is there a way to setup a group and add/remove users, as necessary; similar to adding users to groups in file server environment?

Patrick Iseli · ‎04-13-2005

No, if you are using local users, then it is not possible to separate them and specify them for a specific VPN Group. They are global.

I dont know if that might be possible with a Radius or Tacacs Server ?

sincerely

Patrick

drumrb0y · ‎04-14-2005

Hello all;

It's possible to create separate VPN user groups within a TACACS+ server, but you can't do it locally in the PIX config.

Marc