how to force RADIUS authentication to use LAN interface's IP

Unanswered Question

I am trying to set up AAA authentication for all routers I manage so that technicians log on to the routers with their Windows usernames and a RADIUS server determines whether or not they have access. The RADIUS servers used in the routers' configurations can only be reached through a VPN each router has to our data center.


When I run RADIUS debugging I notice my test router is using its WAN address as the "Best Local IP-Address" and the "NAS-IP-Address" is also listed as the WAN address. The authentication fails because our data center firewall is only allowing RADIUS traffic in through the VPN.


How can I make my router use the LAN IP address as the NAS IP address?



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Jagdeep Gambhir Tue, 07/29/2008 - 05:19
User Badges:
  • Red, 2250 points or more

Please issue command


Router(config)#ip radius source-interface



Regards,

~JG


Do rate helpful posts

Actions

This Discussion