Local Authentication on Pix firewall

Lharrypersaud · ‎04-06-2005

Is this the command that you use to setup local athentication on the pix instead of using aaa server ?- vpngroup groupmarketing password xxxxxxx

cjdunford · ‎04-06-2005

That command is used for the group name and password configuration if you are connecting to the firewall with the Cisco 3000 VPN Client. Are you looking for the authentication method for VPN usernames? Or the authentication method for CLI access to the firewall?

Lharrypersaud · ‎04-06-2005

I am looking for the authentication method for VPN usernames. This is the same way that i would setup the users to login to a aaa server. I have about 5 users and i think a aaa server is not the best option. At least it will be kind of expensive for just five users. It's the first time i am trying to do this so i am not so sure. Can you please help me?

Thanks

cjdunford · ‎04-06-2005

The command would be: vpngroup authentication-server

For the you would enter whatever appears under this line "aaa-server LOCAL protocol local"

So, for example, you would have this;

vpngroup authentication-server LOCAL

Lharrypersaud · ‎04-06-2005

This is what i keep getting:

vpngroup testgroup authentication-server LOCAL

Protocol "local" is not supported for authentication of remote users of a h/w cl

ient

Can you please tell me what this mean?

Thanks

sachinraja · ‎04-07-2005

hi.. you can try this:

aaa-server LOCAL protocol local

crypto map mymap client authentication LOCAL

vpngroup abcvpn password ********

These are the configs with respect to authentication. all the other configs have been attached seperately.. this will authenticate both group and user parameters locally on the PIX..

let us know if you need anything else...rate replies if found useful..

Raj