IOS Routers to Access Radius Server over VPN Tunnel - How?
I have a site-to-site IOS IPSEC VPN solution in place - (20 spoke routers and 1 hub) - everything is working fine.
I now need the spoke routers to be able to access a radius server host over the VPN tunnel at the HUB end.
I am not able to ping/access the radius server from the CONSOLE/TERMINAL of the router but clients on the LAN side (spoke end) can. This means the spoke routers cannot talk to the radius server over the VPN tunnel.
Re: IOS Routers to Access Radius Server over VPN Tunnel - How?
If you ping FROM the router console then the source of the packet is the router's outside IP address and therefore doesn't match your crypto access-list, and therefore doesn't get encrypted. If you source the ping packet from the inside interface of the router, then this will match the ACL and everything will work.
Similarly, you need to have the router source all its Radius packets from the inside interface so it will get encrypted. Use the command:
ip radius source-interface
You'll need to change your Radius server and add the NAS's in with the inside IP address rather than the outside.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...