RADIUS, Authenticate Local User.

Unanswered Question
Feb 23rd, 2009

I've recently setup my 1st RADIUS server (IAS on Server 2003), to be used to authenticate our domain joined laptops over wireless.

All the laptops authenticate fine and work well over the wireless setup, but I have one laptop (which is personal) not joined to the domain and each time I try to connect it fails. The IAS log show's IAS_NO_SUCH_USER.

Is there a simple way for me to get around this, I've tried setting the authentication on the router to "Group Local Radius" and creating a local account but this still fails.

Any help would be appreciated as I'm starting to feel a little out of my depth with this. I'm new to Cisco routers and still learning through Server 2003.

Thanks in advance, AStaley.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Scott Fella Mon, 02/23/2009 - 07:02

What supplicant are you using.... also check the log when you are authenticated using your work laptop and when you use your personal. It might be due to how you setup your login with the domain. Howerver, if you are using machine or user certificate, then you machine will have to be a member of the domain.

AStaleyUK Mon, 02/23/2009 - 08:27

IOS Name; c1841-advipservicesk9-mz.124-15.T3.bin

Not strictly a question for a Cisco forum, but maybe someone will have an answer.

Is there anyway for me to include a setting on Server 2003 that will authenticate this single laptop without having to get the cert installed? Or to authenticate this one laptop locally with the router?

This laptop is the IT managers personal machine, but the connection/router is supplied by the company. We could join it to the domain and resolve the problem that way, but would like to avoid it in this case if possible.

aneelaka Fri, 03/06/2009 - 13:26

You computer has not been joined to the domain, hence IAS server is unable to find the user account, hence it fails.

Regarding configuring a fallback on the router i.e. group radius local

It goes to local database only if it cannot reach the radius server or radius server is dead. Not when user fails authentication


This Discussion



Trending Topics - Security & Network