21-9
Cisco Router and Security Device Manager 2.5 User’s Guide
OL-4015-12
Chapter21 Cisco IOS SSL VPN
Creating an SSL VPN Connection
External AAA server Button
Click if you want the router to use an AAA server to authenticate CiscoIOS SSL
VPN users. The router will use the AAA servers that are listed in this window. If
there are no AAA servers configured, you can configure them in this window. To
use this option, there must be at least one AAA server configured on the router.
Locally on this router Button
Click if you want the router to authenticate users itself. The router will
authenticate each user displayed in this window. If no users are configured on the
router, you can add users in this window.
First on an external AAA server and then locally on this router Button
Click if you want the router to authenticate using a AAA server first, and if
authentication fails, to attempt local authentication. If the user is not configured
on either a configured AAA server or locally on the router, authentication for that
user fails.
Use the AAA authentication method list Button
Click if you want the router to use a method list for authentication. A method list
contains the authentication methods that should be used. The router attempts the
first authentication method in the list. If authentication fails, the router tries the
next method in the list and continues until the user is authenticated, or until it
reaches the end of the list.
AAA servers configured for this router List
This list contains the AAA servers that the router uses to authenticate users. If you
choose to authenticate users with AAA servers, this list must contain the name or
IP address of at least one server. Use the Add button to add information for a new
server. To manage AAA configurations on the router, leave the wizard, click
Additional Task s, and then click the AAA node in the Additional Tasks tree. This
list does not appear if you have chosen Locally on this router.