Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

configuring Multiple Raduis server on Cisco Router

I have a cisco router that is working as PPPoE NAS server i need to configure multiple raduis server each one is dedicated to an interface so i would have each of my clients authenticate via the proper raduis server

Thanks in advance

1 ACCEPTED SOLUTION

Accepted Solutions
Bronze

Re: configuring Multiple Raduis server on Cisco Router

Hi,

a brief outline of the config steps:

aaa new-model

create 2 separate radius servers, use the modern syntax with host and key in the same line

radius-server host 10.1.1.1 key XXXXXXXXX

radius-server host 10.1.1.2 key XXXXXXXXX


create 2 separate aaa group-servers radgroup1 and radgroup2 and add each of the servers to one aaa group server

aaa group server radius radgroup1 
 server 10.1.1.1
aaa group server radius radgroup2
server 10.1.1.2

create 2 aaa authentication lists with different group servers as a method:

aaa authenticate ppp login1 group radgroup1

aaa authenticate ppp login2 group radgroup2


use the two authetications on the apropriate interfaces:

router(config)#interface {name-of-interface-1}

router(config-if)#ppp authenticate chap login1

router(config)#interface {name-of-interface-2}

router(config-if)#ppp authenticate chap login2

rgds,

MiKa

1 REPLY
Bronze

Re: configuring Multiple Raduis server on Cisco Router

Hi,

a brief outline of the config steps:

aaa new-model

create 2 separate radius servers, use the modern syntax with host and key in the same line

radius-server host 10.1.1.1 key XXXXXXXXX

radius-server host 10.1.1.2 key XXXXXXXXX


create 2 separate aaa group-servers radgroup1 and radgroup2 and add each of the servers to one aaa group server

aaa group server radius radgroup1 
 server 10.1.1.1
aaa group server radius radgroup2
server 10.1.1.2

create 2 aaa authentication lists with different group servers as a method:

aaa authenticate ppp login1 group radgroup1

aaa authenticate ppp login2 group radgroup2


use the two authetications on the apropriate interfaces:

router(config)#interface {name-of-interface-1}

router(config-if)#ppp authenticate chap login1

router(config)#interface {name-of-interface-2}

router(config-if)#ppp authenticate chap login2

rgds,

MiKa

291
Views
0
Helpful
1
Replies