Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Let everybody come in

I am looking for a solution to let everybody through that dials in to our network.

So any username and password is valid and i would prefer the do local authentication on the AS5300's we have. The only thing i am interested in is the aaa accounting that goes to my radius.

Is this possible? If yes can anybody tell me how?

  • Other Network Infrastructure Subjects
5 REPLIES

Re: Let everybody come in

aaa new-model

aaa authentication login DIALIN local

aaa accounting exec start-stop radius

radius-server host

radius-server key

line 1 16 (this could be any value)

login authentication DIALIN.

New Member

Re: Let everybody come in

Is it really that simple?

I understood that if you gave in aaa authentication login DIALIN local the router would look for a local username and password?

Did i realy misunderstood this then?

I hope you can explain that i am wrong.....

Re: Let everybody come in

DIALIN is name of the list that i have created.

A list for AAA is used to define the set of authentication methods in order. Say you want all authentication to be checked first in local database, and if that fails (if no username match is found in local database) you can revert using a second method via RADIUS or TACACS+.

So the above criteria, that i explained can be achieved using,

aaa authenticatin login DIALIN local radius

and apply this list DIALIN to your lines which needs dialup.

New Member

Re: Let everybody come in

Ok i understand the things you say, but it is still possible to deny access to people if they are not in the local database.

Is there something like an accept all statement possible in the local database?

Re: Let everybody come in

Give a none keyword at the end of the statement as follows.

aaa authentication login DIALIN local none.

First the router would check username and password inputed in the local DB, if not available in the Local DB, it would allow the user to be authenticated, due to the "none" keyword.

93
Views
0
Helpful
5
Replies