Table of Contents
Advertisement
Table 14-1
RADIUS Servers Fields
Element
VPN Groups in RADIUS Server Enter the VPN groups configured on the RADIUS server that you
PKI-based user policy download Check PKI-based user policy download if you want the Easy VPN
Group Authorization and Group User Policies
Cisco Router and Security Device Manager 2.5 User's Guide
14-4
Description
want this connection to give access to. Use a comma to separate
entries. A sample set of entries follows:
WGP-1, WGP-2, ACCTG, CSVC
These names must match the group names configured on the
RADIUS server. For easy administration, they should also match
the group names you configure for the easy VPN clients.
server to download user-specific attributes from the RADIUS server
and push them to the client during mode configuration. The Easy
VPN server obtains the username from the client's digital
certificate.
This option is displayed under the following conditions:
The router runs a Cisco IOS 12.4(4)T or later image.
•
You choose digital certificate authentication in the
•
configuration.
•
You choose RADIUS or RADIUS and Local group
authorization.
You can create user groups that each have their own IP address pool, client update
configuration, split tunneling configuration, and other custom settings, These
group attributes are downloaded to the client in that group when they connect to
the Easy VPN server. The same group name must be configured on the clients who
are members of the group to ensure that the correct group attributes are
downloaded.
If group polices have already been configured, they appear in the list in this
window, and you can select them for this connection by checking the Select box
to the left of the group name.
Chapter 14
Enhanced Easy VPN
IKE
policy
OL-4015-12
Advertisement
Table of Contents
Troubleshooting
