Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

How to configure IAS in Server 2003 to configure a Radius server for use with Cisco VPN Concentrators

Posted on 2011-02-15
4
Medium Priority
?
788 Views
Last Modified: 2012-06-21
Currently I have a three Cisco VPN Concentrators that are load balanced.  I have a Windows 2003 server for my Radius server.  This allows users to log in to the Cisco VPN Client with their Active Directory User name and password.  This is my question.  Is there anywhere in the Cisco Concentrator or the IAS Server that will allow for example "John Doe" to only be able to log in once.  What I'm trying to prevent is the same user logging in multiple times.  When I look in the concentrator and go to the general tab of the group, there is an option for Simultaneous Logins, but this is for simultaneous logins for this group, not per user.  Is there a way to accomplish what I am trying to do?  Thanks.
0
Comment
Question by:denver218
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 3

Expert Comment

by:mikegatti
ID: 34910479
inside your default group policy you can add the command:

group-policy DfltGrpPolicy attributes
 vpn-simultaneous-logins 1

that should stop users from simultaneous logins

Also, on the IAS side there is nothing to do (as far as I know), we are evaluating replacing our RADIUS solution with CISCO ACS, OCS RADIATOR or another vendor.

-------------------------------------
vpn-simultaneous-logins

To configure the number of simultaneous logins permitted for a user, use the vpn-simultaneous-logins command in group-policy configuration mode or username configuration mode. To remove the attribute from the running configuration, use the no form of this command. This option allows inheritance of a value from another group policy. Enter 0 to disable login and prevent user access.


http://www.cisco.com/en/US/docs/security/asa/asa72/command/reference/uz_72.html#wp1413067


0
 
LVL 4

Author Comment

by:denver218
ID: 34911080
Thanks but this seems to be for a ASA.  I'm am using a cisco VPN concentrator 3060.
0
 
LVL 3

Accepted Solution

by:
mikegatti earned 2000 total points
ID: 34911691
No problem, navigate Configuration>User Managemtn>Groups, select a group in the list and click on  on modify group, click the General tab of you vpn group,  there is an option Simultaneous Logins, you can set that option to 1. Or you can go in your Base group and set that option to 1 and it will apply to all groups
0
 
LVL 4

Author Closing Comment

by:denver218
ID: 34916734
Thanks
0

Featured Post

Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There’s a movement in Information Technology (IT), and while it’s hard to define, it is gaining momentum. Some call it “stream-lined IT;” others call it “thin-model IT.”
As managed cloud service providers, we often get asked to intervene when cloud deployments go awry. Attracted by apparent ease-of-use, flexibility and low computing costs, companies quickly adopt leading public cloud platforms such as Amazon Web Ser…
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question