We need to implement a Large Scale Dialout scenario soon and I am looking for some info. Central site needs to connect to about 200 external sites (for remote management). The goal is to have all the connection data coming from a Radius server (actually from a LDAP server). We will also use NAT to hide the remote site's IP ranges as well as the central site IP range (so that would be both source and destination NAT).
My question is this: can a Cisco router retrieve all this information from a Radius server ? I.e. connection info, authentication info and NAT rules ? We are obviously trying to avoid creating profiles on the router and NAT rules (each site would have each own NAT rule) for each remote site. The idea is not to have to touch the router when we need to add / delete / modify a remote site.
On the one hand I don't see a problem with trying this, although I've never done it myself. As long as the public address is in the RADIUS server, you should be fine. Wanting to NAT the central site may make it more interesting, but again the routing and NATing should be done prior to the router deciding it needs to dialout via AAA.
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.