IAS - how to restrict access to a list of devices.

tin.ngo · ‎08-11-2007

I have IAS running on W2k3 Active Directory. I have tested sucessfully set up 2 group of users called Level1 and Level15 logging in to routers. Level1 gets privilige 1 while Level15 gets 'enable mode'. What I want to do next is set up IAS so that Level1 users are restricted to a number of routers. Currenlty, they have access to all routers. Thanks in advance.

Jagdeep Gambhir · ‎08-11-2007

Tin,

Unfortunately we do not have any feature like Network Access Restrictions on Windows IAS

server to restrict the access of Level 1 users on some specific device.

Check the attachment about SECURING CISCO DEVICES USING MICROSOFT INTERNET AUTHENTICATION SERVICE (RADIUS)

Regards,

~JG

Please rate if helps

tin.ngo · ‎08-11-2007

Thans JG. Is IAS on W2k3 which is what I am running offer any new feature to do this? If not, do you know any other product that can? e.g Cisco ACS or Radiator or something else?

Jagdeep Gambhir · ‎08-13-2007

Hi Tin,

I don't think IAS have this feature available, but we have this feature with Cisco ACS. These kind of featuers make ACS to lead over IAS.

Regards,

~JG

IAIN HILL · ‎08-14-2007

one way to achieve what you are looking for is to run the IAS service on two servers and configure the routers to point towards the server which has the correct grouping configured. Its a bit of a work around as IAS does not give you exactly what you are looking for but works never the less.

Hope this helps.