Create an ASA RADIUS Server Object

RADIUS servers provide AAA (authentication, authorization, and accounting) services.

Use the following procedure to create an object:

Procedure


Step 1

In the left pane, click Objects.

Step 2

Click Create Object ()> RA VPN Objects (ASA & FDM) > Identity Source.

Step 3

Enter an Object name for the object.

Step 4

Select the Device Type as ASA.

Step 5

Select RADIUS Server as the Identity Source Type. Click Continue.

Step 6

Edit the Identity Source configuration with the following properties:

  • Server Name or IP Address - The fully-qualified host name (FQDN) or IP address of the server.

  • Authentication Port (Optional) - The port on which RADIUS authentication and authorization are performed. The default is 1812.

  • Timeout - The length of time, 1-300 seconds, that the system waits for a response from the server before sending the request to the next server. The default is 10 seconds.

  • Enter the Server Secret Key(Optional) - The shared secret that is used to encrypt data between the ASA device and the RADIUS server. The key is a case-sensitive, alphanumeric string of up to 64 characters, with no spaces. The key must start with an alphanumeric character or an underscore, and it can contain the special characters: $ & - _ . + @. The string must match the one configured on the RADIUS server. If you do not configure a secret key, the connection is not encrypted.

Step 7

Click Add.

Step 8

Review and deploy now the changes you made, or wait and deploy multiple changes at once.