Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Radius and cisco 3550

Hi,

i want to insert 20 switch of my network under authentication trought RADIUS SERVER (IAS , windows 2003 server)

ON windows 2003 - IAS

I've create the object with the ip of the switch in the folder "Client RADIUS" and i created the REMOTE Access Policy and in the metodh oh authentication i have selected MD5-challenged.

On my switch, i inserted this command:

aaa new-model

aaa authorization network default group radius none

server-radius host 10.14.78.160 auth 1812 acc 1813

server-radius key cisco

i want exclude the console connection with a radius authentication.

have you a link that explain this?

or can you posted a configuration of switch that have the authentication at the radius?

Thanks for your help

FCostalunga

2 REPLIES
New Member

Re: Radius and cisco 3550

Hi

That should work for you:

aaa new-model

aaa group server radius rad_admin

server 10.14.78.160 auth-port 1812 acct-port 1813

aaa authentication login default group rad_admin

aaa authentication login Console line

aaa authorization exec default group rad_admin

radius-server host 10.14.78.160 auth-port 1812 acct-port 1813 key XXXXXXXXXXXXXXXXX

line con 0

password XXXXXXXXXXXXX

login authentication Console

You have to check wetherever your server works on TCP 1812/1813 or 1645/1646.

With this config you can also login directly to enable mode, if you supply the Radius Atribute

009/001 cisco av-Pair "shell:priv-lvl=15"

Hope that helps (if it does, don't forget to rate)

Simon

New Member

Re: Radius and cisco 3550

281
Views
0
Helpful
2
Replies
CreatePlease to create content