Cisco validating identity error
However, if it is using an authentication server, such as Cisco Secure ACS for Windows NT, the server can use external authentication to an SDI server and proxy the authentication request for all other services supported by Cisco ASA.
Cisco ASA and SDI use UDP port 5500 for communication.
These attributes can contain information such as an IP address to assign the client and authorization information.
RADIUS servers combine authentication and authorization phases into a single request-and-response communication cycle.
RSA Secur ID (SDI) is a solution provided by RSA Security.
Cisco ASA does not support RADIUS command authorization for administrative sessions because of limitations in the RADIUS protocol.The TACACS authentication concept is similar to RADIUS.The NAS sends an authentication request to the TACACS server (daemon).(RADIUS authentication attributes are defined in RFC 2865.) Figure 6-1 illustrates how this process works.The RADIUS server can also send IETF or vendor-specific attributes to the Cisco ASA, depending on the implementation and services used.