Different AAA servers for different vpn groups on Cisco PIX.
Posted on 2005-03-09
A difficult one here for you experts :)
I want to start using tokens for a select group of vpn clients. All VPN authentication is done against my windows 2000 IAS server (radius). For tokens I use RSA/ACE Server which is installed on another server. I have 2 vpngroups (group ABC and group DEF) in my PIX config. What I want to do is make group ABC authenticate against the IAS server, and group DEF against the RSA server.
I don't think this can be done (after I tried everythnig). This is a breeze for the concentrator so I automatically assumed that it was also possible on the PIX; boy was I wrong, or was I? Anyone?