how to force RADIUS authentication to use LAN interface's IP

Unanswered Question

I am trying to set up AAA authentication for all routers I manage so that technicians log on to the routers with their Windows usernames and a RADIUS server determines whether or not they have access. The RADIUS servers used in the routers' configurations can only be reached through a VPN each router has to our data center.

When I run RADIUS debugging I notice my test router is using its WAN address as the "Best Local IP-Address" and the "NAS-IP-Address" is also listed as the WAN address. The authentication fails because our data center firewall is only allowing RADIUS traffic in through the VPN.

How can I make my router use the LAN IP address as the NAS IP address?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Jagdeep Gambhir Tue, 07/29/2008 - 05:19
User Badges:
  • Red, 2250 points or more

Please issue command

Router(config)#ip radius source-interface



Do rate helpful posts


This Discussion