11-26-2010 05:22 AM - edited 02-21-2020 04:59 PM
Hello,
I have a problem setting up RADIUS authentication on a remote ASA. The configuration is pretty simple: home network <-> internet <-> remote office with ASA
Between the home network and the ASA an IPsec tunnel is established
10.10.10.0 is network behind ASA
10.10.20.0 is network with radius server in it
so crypto acl is:
permit ip 10.10.10.0/24 10.10.20.0/24
permit ip 10.10.20.0/24 10.10.10.0/24
which perfectly connects two networks
I want ASA to use radius located in home network for authentication.
So with commands:
aaa-server RADIUS protocol radius
aaa-server EMEARADIUS host radiushost
key mykey
authentication-port 1812
accounting-port 1813
I supposed this would achieve what is necessary, however it's not like this.
The RADIUS host is located behind the outside interface, so the ASA sends RADIUS requests
with the source of the outside interface, and because of this it does not seem to be interesting traffic for
the ASA and doesn't get encrypted.
Question: is there a way to force the ASA to use the inside IP for this?
11-26-2010 06:10 AM
There is no equivalent of ip radius source-interface in ASA.
What you are observing is correct and you need to have an entry in the crypto ACL like this:
access-list 100 permit ip host
The same is true for syslog servers sitting across the tunnel.
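Added example, not part of the thread or Cisco's code: a small Python check of which ASA-originated flows match the crypto ACL from the question, before and after adding host entries. The outside address, server addresses and the exact shape of the added entries (ASA outside address to each server) are assumptions, since the ACL line in the answer is cut off.

```python
import ipaddress

# Crypto ACL from the question, as (source, destination) networks.
CRYPTO_ACL = [
    ("10.10.10.0/24", "10.10.20.0/24"),
    ("10.10.20.0/24", "10.10.10.0/24"),
]

# Assumed addresses, not from the thread (192.0.2.0/24 is a documentation range).
ASA_OUTSIDE_IP = "192.0.2.1"
RADIUS_SERVER = "10.10.20.5"
SYSLOG_SERVER = "10.10.20.6"


def is_interesting(acl, src, dst):
    """Return True if a packet src -> dst matches any permit entry of the ACL."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    return any(
        s in ipaddress.ip_network(a_src) and d in ipaddress.ip_network(a_dst)
        for a_src, a_dst in acl
    )


def unprotected_flows(acl, flows):
    """Return the names of flows that would not be selected for encryption."""
    return [name for name, src, dst in flows if not is_interesting(acl, src, dst)]


# Traffic the ASA generates itself toward servers across the tunnel is sourced
# from the outside interface address; LAN hosts use their 10.10.10.x address.
FLOWS = [
    ("radius", ASA_OUTSIDE_IP, RADIUS_SERVER),
    ("syslog", ASA_OUTSIDE_IP, SYSLOG_SERVER),
    ("lan-to-lan", "10.10.10.50", RADIUS_SERVER),
]

# Assumed form of the fix: host entries for the ASA's outside address.
FIXED_ACL = CRYPTO_ACL + [
    (ASA_OUTSIDE_IP + "/32", RADIUS_SERVER + "/32"),
    (ASA_OUTSIDE_IP + "/32", SYSLOG_SERVER + "/32"),
]

if __name__ == "__main__":
    print("unencrypted before:", unprotected_flows(CRYPTO_ACL, FLOWS))
    print("unencrypted after: ", unprotected_flows(FIXED_ACL, FLOWS))
```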
11-26-2010 08:13 AM
I was afraid to receive only this answer, it's configured like this right now. I was hoping there is another way...