AnyConnect and Cisco ACS Radius is a bit more complected because the ASA5500 documentation states that you can not use the Same Radius for
Authentication and Authorization. So things getting more complex by it self 😉 But if i see things in the right light we don’t need authorization at all so we will on monday how things will develope.
How to authentication AnyConnect VPN against RADIUS
The Authentication against RADIUS is quiet easy to configure.
Just add the RADIUS Servers as described here.
Than add following to the configuration:
[sourcecode gutter=”false” autolinks=”false”]
tunnel-group SSLClientProfile general-attributes
authentication-server-group AAA-RADIUS
[/sourcecode]
By debuging the radius authentication is see our freeradius deliver the av-pairs with the authentication request so lets see if the ASA accepts them.
If you feel this helps a bit or may be not ? Please leave a comment.