Served-Based Authentication for Cat6000 Switches

waynepua · ‎11-12-2001

Hi,

I have setup CSACS to authenticate router & switches, and wireless client authentication.

In CSACS v2.6, there is a option to restrict user to certain NAS IP address. Using this feature, on Cisco router, I am able to setup RADIUS authentication that restrict only administrator account to do a VTY telnet. However, it does not seem to work for Cat6000 series switches. Any account such as user wireless account will enter the switch exec command once the username and password is correct. Is there any additional config to run ? Pls advise.

The other issue is does Cat2900/3500XL series support RADIUS authentication? I cant find any documentation although under aaa new-model radius is one of the option.

ciscomoderator · ‎11-18-2001

Often times complex troubleshooting issues are best addressed in an interactive trouble-shooting session with one of our trained technical assistance engineers. While other forum users may be able to help, it’s often difficult to do so for this type of issue.

To utilize the resources at our Technical Assistance Center, please visit http://www.cisco.com/tac and to open a case with one of our TAC engineers, visit http://www.cisco.com/tac/caseopen

If anyone else in the forum has some advice, please reply to this thread.

Thank you for posting.