Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Radius authentication

Hi forum,

Is there a way to use Radius to authenticate users(based on windows user accounts) when they are connected to the switches before granting them access to the windows environment?

3 REPLIES
Silver

Re: Radius authentication

Hi

The most obvious solution would seem to be 802.1x port security. The switch then doesnt give any network access until the AAA server gives back a result.

You could use vlans from ACS so that authenticated users get onto the network where the windows servers reside, and everyone else gets dumped to somewhere else.

The switch needs a pre-configured username/password so that PCs without 802.1x configured can still be authenticated to receive the non-windows vlan assignment.

This stuff is all part of the NAC framework, although you dont need all the extra complexity of posture validation and stuff.

Darran

New Member

Re: Radius authentication

Hi Darran,

Thanks for your reply. I will explore the areas you mentioned.

Thanks much & Best regards,

Paul

New Member

Re: Radius authentication

Disregard above entry is correct.

120
Views
0
Helpful
3
Replies