Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 247
  • Last Modified:

Cisco Client - Logging into VPN

I am now running a Cisco ASA 5510 and have the VPN Set up and working (thanks to lrmoore).  Within that VPN it is using the group name to authenticate and then after that it asks for another password for a username that I had to create within the ASA.  Is there a way around the second step?

I used to have a pix that only required me to enter the information into the Cisco Client and hit connect.  Then i was good to go.
0
rcooper83
Asked:
rcooper83
  • 2
1 Solution
 
lrmooreCommented:
You can set the auth group to none

   tunnel-group GROUPNAME general-attributes
        authentication-server-group  none
0
 
rcooper83Author Commented:
How secure is that?
0
 
lrmooreCommented:
It is as secure as with local authentication as long as there are prudent controls on how anyone logs onto the VPN client machine. If it is a laptop and gets stolen, the logon password to the desktop is trivial to override and if it is, then this unauthorized user has full access to your network just by launching the client.
Without the user authentication you have no traceability of who logged on when, just the IP address that the connection came from.
The user authentication is another layer in your defense.
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now