It is assumed that the Cisco ASA is setup and operational. An existing Domain user can authenticate using a Domain AD password and access applications, your users can access through IPSec VPN and/or SSL VPN using Domain accounts. 

Register DualShield Radius Server

1. Launch the Cisco Adaptive Security Device Manager (ASDM), select Configuration in top toolbar, select Device Management in the accordion menu on the bottom
2. In the control panel on the left, select Users/AAA and select AAA Server Groups.
3. Click "Add" button on the right
   
   1. Enter Name
   2. Select "RADIUS" protocol
   3. Set "Max Failed Attempts" to 1
   4. Click "OK" when completed
      
         
      
      
      
      
4. Select the newly created AAA server, i.e. DualShield
5. Click "Add" in the "Servers in the Selected Group"
   1. Select "inside" interface
   2. Enter the IP address of the DualShield Radius Server
   3. Set Authentication Port to 1812
   4. Set Accounting Port to 1813
   5. Enter "Server Secret Key"
   6. Unselect "Microsoft CHAPv2 Capable"
   7. Click "OK" when completed
      
      
      
      
6. Click "Apply" button to save settings

Related Articles

• MFA for VPN