Cisco Support Community
Community Member

Newbie to RADIUS...Please Help with AAA Authentication with WIN2K

I have the following set up...Win2K with RADIUS running and working with authentication of my PPTP sessions on my PIX515...

I have verified it works with multiple user accounts...

I would like to start exspanding RADIUS to authenticate more than just my PPTP sessions... say to authenticate access to the PDM on the pix and then onto Authentication for my Cisco router (3662).. Here is the catch...

When I enable AAA for authentication for http/PDM it locks me out of the PDM.

Am I missing something on the PIX or do I need to rework the WIN2K set up?

Cisco Employee

Re: Newbie to RADIUS...Please Help with AAA Authentication with

It should be as simple as adding the following commands:

> aaa-server PDMusers protocol radius (or tacacs+)

> aaa authentication http console PDMusers

> aaa-server PDMusers host x.x.x.x

Or if you already have the two "aaa-server" commands in your config (for your PPTP sessions), then all you'd need is the middle command.

What does the log on the Radius server show when you try and authenticate? What does PDM show exactly when you try and access it? If you enable logging on the PIX with:

> logging on

> logging buffer debug

> sho logging

what appears in the syslog after you try and authenticate?

CreatePlease to create content