Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
956
Views
0
Helpful
2
Replies

RSA radius authentication through IPSEC VPN tunnel from ASA itself

david.xu
Level 1
Level 1

‎03-16-2009 01:11 PM - edited ‎02-21-2020 04:11 PM

ASA 5510 at both location. ASA1 is headquaters and ASA2 is remote office.

IPsec VPN client terminate at ASA2. IPsec VPN tunnel between ASA1 and ASA2, RSA secure ID server for VPN client authentication at headquaters behind ASA1.VPN client connect to ASA2 try to use secure ID token to authenticate on RSA server at headquaters.

All VPN tunnel and VPN client have been setup probably, ASA2 also can ping from inside through VPN tunnel to RSA server behind ASA1, and vice versa, but when I do a AAA server test for this RSA server, it said server not response.

Is there any tricky part I missed as the session is initiate from ASA2 itself and through VPN tunnel to RSA server?

Labels:
0 Helpful
2 Replies 2

JamesLuther
Level 3
Level 3

‎03-20-2009 12:44 PM

Hi,

In IOS you do this with

ip tacacs source-interface fa0/1

ip radius source-interface fa0/1

where fa0/1 = inside interface in encryption domain

However I've tried to do this before on ASA and I couldn't find any option to change the aaa source interface.

So unless someone can confirm differently, I don't think that this is possible.

Regards

0 Helpful

Victor Asiwe
Level 1
Level 1

‎09-29-2010 03:26 PM

I am having the have the same problem also.

Please if you find a solution can you post it.

Many thanks.

0 Helpful
Customers Also Viewed These Support Documents