Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

AUTHENTICATE 2500 DIAL-IN USERS with WIN2000 RADIUS

I have been successful in authenticating dial-in users on a 2500 router with a shiva RADIUS which uses the NT4 database. When trying to authenticate the dial-in users against the RRAS/IAS modules on a WIN2000 platform I have had no success. The WIN2000 server has the RRAS module configured to use the RADIUS authentication IAS module. The IAS module recognises the incoming request but cannot authenticate the user/password combination. Should such an authentication scenario work or is the WIN2000 server too advanced (or too tricky) for the aged 2500 router that I am using. I have been using PAP as the authentication protocol.

Any suggestions with my problem will be greatly appreciated.

2 REPLIES
New Member

Re: AUTHENTICATE 2500 DIAL-IN USERS with WIN2000 RADIUS

You have not mentioned whether your IAS server is a standalone server, member server in an NT 4.0 domain, or member server in a Win2k domain.

If the IAS server is a standalone server, you need to create the username/password combination in the local database.

If the IAS server is in a Win2k domain, then the IAS sever must be authorised in Active directory. Only then will the IAS server be able to read user data from active directory.

Check whether the IAS server is configured to accept PAP authentication. Remote access policies in Windows 2000 may prevent clear text authentication.

New Member

Re: AUTHENTICATE 2500 DIAL-IN USERS with WIN2000 RADIUS

Many thanks for your suggestions. I have actually configured a WIN2K PDC and have activated RRAS and IAS on the same machine. I have also configured the test user to be seen as a valid dialin user and have configured IAS to use PAP. The only point that I am not sure about in your comments is authorising IAS in Active Directory, but I am checking on that point.

159
Views
0
Helpful
2
Replies
CreatePlease to create content