We previously demonstrated how to add a RADIUS server for two-factor authentication to the. This document will do the same, but using the command line interface.
First, add the RADIUS server. This could be the WiKID server directly or a RADIUS server such as NPS:
aaa-server WiKID-radius protocol radius
aaa-server WiKID-radius (inside) host 192.168.1.4
The key/shared secret is the same as on the RADIUS server (WiKID server or NPS). Be sure to change the port to 1812 as that's been the standard since 2000. Keep this traffic inside the firewall as it is not encrypted. The shared secret/key is only used to encode the traffic.
Then, you need add the server group to a connection profile:
tunnel-group DefaultWEBVPNGroup general-attributes