ASA Commands to enable VPN Client RADIUS authentication.
aaa-server RADIUS protocol radius
aaa-server RADIUS host 192.168.200.156
key cisco123
tunnel-group vpnclient general-attributes
authentication-server-group RADIUS
Configure the Windows 2008 Server.
Note: Windows Server Standard will support up to 50 clients.
Add the “Network Policy and Access Services” role. Select “Network Policy Server”.
Configure a new RADIUS Client. Enter the IP address of the ASA/Pix and Shared secret key.
Configure the settings to match the screenshot below.
Create a New Network Policy. Configure the settings to match the screenshot below.
Add the Windows User Group that will be allowed VPN access.
Configure the Authentication Method to use “Unencrypted authentication”.
Remote the existing Standard Attributes. Attributes should be empty.
Set Encryption to “No Encryption”.
Accept the warning messages regarding Low/No encryption.