Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
415
Views
0
Helpful
2
Replies

Dual ACE servers dial-up VPN on a 3600 router

mjones-f1
Level 1
Level 1

‎02-27-2007 12:19 PM

We currently have VPN users connecting through a 3640 router and want to add a 2nd RSA ACE server.

The 3640 is using IOS 12.3

Does any one know if this will support a 2nd RSA server?

Labels:
0 Helpful
2 Replies 2

Richard Burts
Hall of Fame
Hall of Fame

‎02-27-2007 04:52 PM

Mike

Some more detail about what you are doing would be helpful and enable us to give you better answers. Would I be correct in assuming that if you are terminating VPN sessions on the 3640 that you are using TACACS or Radius to authenticate with the RSA server? If so then I believe that the answer is affirmative - the 3640 does support a second TACACS or Radius server.

HTH

Rick

HTH

Rick
0 Helpful

daviddtran
Level 1
Level 1
In response to Richard Burts

‎03-04-2007 06:02 PM

you can use native Radius Server that comes with

RSA Server to autheticate VPN users. You can

add a second RSA Server replica (provided you

have the primary RSA server in place) and it

will replicate the user database from the

primary RSA to the secondary RSA. From the

Cisco 3640, you will have two Radius entries,

one with the IP address of the primary RSA

server and another entry with the IP address

of the secondary RSA server.

I am using RSA server to terminate vpn users

on my cisco 2621 routers with this scenario

but my configuration is a bit more complicated

than yours. I have ACS server that will proxy

off the connection to the RSA Server (I

have RSA agent installed on the ACS). But the

first approach is much easier.

Good luck.

David

CCIE Security

Checkpoint CCSE NGx

0 Helpful
Customers Also Viewed These Support Documents