PhPort
asked on
Remote access users connecting to an asa 5510
What is a better choice for authentication, a radius server or a RAS server when there are about 20 remote vpn users
There will probably be a lot more help available for the Radius solution. Cisco has the config examples on the website to follow.
ASKER
I need some clarification on the expert comment 'website to follow' as there has been nothing to follow. I would like to know which is a better solution. I believe it is radius but wanted to know if there was any guidelines on when to use radius and when to use rras.
Should have read: Cisco has the config examples to follow on their website.
Which to use, there's real hard rule of thumb. Radius has many more examples so might be easier to setup. RRAS might be attractive for those with an all Microsoft back end or a requirement to keep it that way. IMHO, if you have a MS server structure in place, it might just be better to use an LDAP lookup instead of RRAS... my 2 cents.
Which to use, there's real hard rule of thumb. Radius has many more examples so might be easier to setup. RRAS might be attractive for those with an all Microsoft back end or a requirement to keep it that way. IMHO, if you have a MS server structure in place, it might just be better to use an LDAP lookup instead of RRAS... my 2 cents.
ASKER
Thanks for that clarification. I appreciate your IMHO and believe that if you register the radius server in active directory you are using those accounts to authenticate. I would like to know if anyone else has had to make a similar decision of choosing an authentication mechanism and which one they have chosen.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
HE asked for opinion, I gave him my opinions and some direction to consider.
ASKER
Sorry for not getting back sooner I had to attend to a important family matter. I believe I was asking if there was any guidelines on selecting between radius and ras. This question was not answered. I did get some helpful comments that led me to doing further research. I am new to this as this was my first question asked. I believe points should be awarded. Is the only option all points awarded when one person responds and only part of the question is answered?
You can award all points, but give a lower grade on the question. Or you can split points between the expert and one of your own answers if you like.
ASKER
The answer was helpful but did not completely answer my question. It led me to look up and find further information on the topic.