![cisco vpn setup secondary radius authentication server cisco vpn setup secondary radius authentication server](https://www.miniorange.com/images/radius/Radius+2FAcode.png)
Similarly, you can specify the port used by the Cisco ASA to communicate to the RADIUS server for accounting. In this example, the default RADIUS authentication port 1645 is entered under the Server Authentication Port field. You can specify the port used by the Cisco ASA to communicate to the RADIUS server for authentication purposes. The default value of 10 seconds is used in this example. Specify the amount of time (in seconds) that the Cisco ASA waits before timing out the authentication session under the Timeout field. In this example, the RADIUS server's IP address is 172.18.124.145. Enter the AAA server name or IP address under the Server Name or IP Address field. In this example, the RADIUS server is reachable through the management interface. Select the interface where the RADIUS server resides, using the Interface Name pull-down menu. As you see in Figure 6-5, the Server Group my-radius-group is already pre-populated in the screen. The Max Failed Attempts is used to limit the maximum number of failed authentication attempts. In this example, the default value is configured ( 10 minutes).Īlternatively, you can select Timed mode where failed servers are reactivated after 30 seconds of down time. If this option is selected you must add a time interval in the Dead Time field. When depletion mode is selected in the Cisco ASA, failed servers are reactivated only after all the servers in the group are inactive. The reactivation mode is used to control the behavior when AAA servers fail. Depletion is selected in the Reactivation Mode field. To send accounting data to all servers in the group select Simultaneous. When single mode is selected, the Cisco ASA sends accounting data to only one accounting server. The Accounting Mode field has two options: Simultaneous and Single. In this example all the other fields are left with default values. Several of the parameters in this dialog box depend on the authentication protocol that is used. RADIUS is used in this example however, you can choose from any of the following server types: Select the AAA protocol to be used from the Protocol drop-down list. Figure 6-4 Add AAA Server Group Dialog Box