• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 250
  • Last Modified:

Cisco Client - Logging into VPN

I am now running a Cisco ASA 5510 and have the VPN Set up and working (thanks to lrmoore).  Within that VPN it is using the group name to authenticate and then after that it asks for another password for a username that I had to create within the ASA.  Is there a way around the second step?

I used to have a pix that only required me to enter the information into the Cisco Client and hit connect.  Then i was good to go.
0
rcooper83
Asked:
rcooper83
  • 2
1 Solution
 
lrmooreCommented:
You can set the auth group to none

   tunnel-group GROUPNAME general-attributes
        authentication-server-group  none
0
 
rcooper83Author Commented:
How secure is that?
0
 
lrmooreCommented:
It is as secure as with local authentication as long as there are prudent controls on how anyone logs onto the VPN client machine. If it is a laptop and gets stolen, the logon password to the desktop is trivial to override and if it is, then this unauthorized user has full access to your network just by launching the client.
Without the user authentication you have no traceability of who logged on when, just the IP address that the connection came from.
The user authentication is another layer in your defense.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now