Question : AAA server not on inside interface

Trying to set up a VPN server on an ASA5505 that is in a remote office (10.3.0.0/255.255.0.0) that does not contain a domain controller (or any server for that matter). The ASA is connected to the main office (10.1.0.0/255.255.0.0.) via a site to site vpn. I have set up the main office Remote Access VPN to the RADIUS server on the inside network just fine but I don't know how to set up the remote office AAA server. Since the RADIUS server is not on the inside network, I try to choose outside network but it get "Error:Authentication server not responding" when I try to test the AAA server in ASDM.

Answer : AAA server not on inside interface

You would configure the aaa-server on the outside interface as shown above by StrifeJester, but it will need to route over the Internet, and thus needs to hit an Internet accessible IP. You will need to open up the correct ports to your internal Radius server on the remote firewall. I believe the default radius ports are UDP 1812,1813. So for example:

aaa-server radiusauth protocol radius
aaa-server radiusauth (outside) host 72.72.72.72
timeout 5
key RADIUS_PW

Nat 72.72.72.72 to your internal Radius server, open up UDP 1812,1813. I'd recommend limiting the source traffic so that it only accepts queries from your remote firewall.

Random Solutions

Cant open certain folders (Spam) - A problem occurred while trying to use your mailbox. Please contact technical support for your organization.

MSSQL proble with insert statement - query will not compile

How do I add an external DNS route to point to an interal IP

Master Rolesholding DNS

Will a clean OS X server install kill Xserve Raid?

List box child menu

Server 2003 Log off

Formating Columns in SQL Server 2005

checking object reference

Kill All MySQL Sleeping Connections