Create an IP Name object for the target
- Under the Firewall section, expand the Objects link and select the IP Names.
- Click the Add button at the top.
- Enter a descriptive name such as Mi-Token, the IP address and a description of the server.
- Name: Mi-token VPN
- Ip: xxx.xxx.xxx.xxx
- Click OK and then Apply
Create a new AAA Server Group
- Click theRemote Access VPN section.
- Expand AAA Setup and selectAAA Server Groups.
- Click the Add button to the right of the AAA Server Groups section.
- Give the server group a name, like Mi-Token OTP, and make sure the RADIUS protocol is selected.
- Accept the default for the other settings. And click OK
Add the RADIUS server to the Server Group.
- Select the server group created in the step above.
- Click the Add button to the right of Servers in the Select Group.
- Under the Interface Name select the interface on the ASA that will have access to the RADIUS server, most likely inside.
- Under Server Name or IP Address enter the IP Name you created for the RADIUS server above.
- Skip to the Server Secret Key field and create a complex password. Make sure you document this as it is required when configuring the RADIUS server. Re-enter the secret in the Common Password field.
- Leave the rest of the settings at the defaults and click Ok.