configuring Multiple Raduis server on Cisco Router

Answered Question
May 23rd, 2010

I have a cisco router that is working as PPPoE NAS server i need to configure multiple raduis server each one is dedicated to an interface so i would have each of my clients authenticate via the proper raduis server

Thanks in advance

I have this problem too.
0 votes
Correct Answer by m.kafka about 6 years 8 months ago

Hi,

a brief outline of the config steps:

aaa new-model

create 2 separate radius servers, use the modern syntax with host and key in the same line

radius-server host 10.1.1.1 key XXXXXXXXX

radius-server host 10.1.1.2 key XXXXXXXXX


create 2 separate aaa group-servers radgroup1 and radgroup2 and add each of the servers to one aaa group server

aaa group server radius radgroup1 
 server 10.1.1.1
aaa group server radius radgroup2
server 10.1.1.2

create 2 aaa authentication lists with different group servers as a method:

aaa authenticate ppp login1 group radgroup1

aaa authenticate ppp login2 group radgroup2


use the two authetications on the apropriate interfaces:

router(config)#interface {name-of-interface-1}

router(config-if)#ppp authenticate chap login1

router(config)#interface {name-of-interface-2}

router(config-if)#ppp authenticate chap login2

rgds,

MiKa

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Correct Answer
m.kafka Tue, 05/25/2010 - 09:09

Hi,

a brief outline of the config steps:

aaa new-model

create 2 separate radius servers, use the modern syntax with host and key in the same line

radius-server host 10.1.1.1 key XXXXXXXXX

radius-server host 10.1.1.2 key XXXXXXXXX


create 2 separate aaa group-servers radgroup1 and radgroup2 and add each of the servers to one aaa group server

aaa group server radius radgroup1 
 server 10.1.1.1
aaa group server radius radgroup2
server 10.1.1.2

create 2 aaa authentication lists with different group servers as a method:

aaa authenticate ppp login1 group radgroup1

aaa authenticate ppp login2 group radgroup2


use the two authetications on the apropriate interfaces:

router(config)#interface {name-of-interface-1}

router(config-if)#ppp authenticate chap login1

router(config)#interface {name-of-interface-2}

router(config-if)#ppp authenticate chap login2

rgds,

MiKa

Actions

This Discussion