cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1437
Views
0
Helpful
1
Replies

Newbie to RADIUS...Please Help with AAA Authentication with WIN2K

bigassmonkey
Level 1
Level 1

I have the following set up...Win2K with RADIUS running and working with authentication of my PPTP sessions on my PIX515...

I have verified it works with multiple user accounts...

I would like to start exspanding RADIUS to authenticate more than just my PPTP sessions... say to authenticate access to the PDM on the pix and then onto Authentication for my Cisco router (3662).. Here is the catch...

When I enable AAA for authentication for http/PDM it locks me out of the PDM.

Am I missing something on the PIX or do I need to rework the WIN2K set up?

1 Reply 1

gfullage
Cisco Employee
Cisco Employee

It should be as simple as adding the following commands:

> aaa-server PDMusers protocol radius (or tacacs+)

> aaa authentication http console PDMusers

> aaa-server PDMusers host x.x.x.x

Or if you already have the two "aaa-server" commands in your config (for your PPTP sessions), then all you'd need is the middle command.

What does the log on the Radius server show when you try and authenticate? What does PDM show exactly when you try and access it? If you enable logging on the PIX with:

> logging on

> logging buffer debug

> sho logging

what appears in the syslog after you try and authenticate?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: