Cisco Support Community
Community Member

Radius Configuration

How can I configurate Cisco Secure or AS5300 for not double authentication?

Cisco Employee

Re: Radius Configuration

Pl. explain in detail about what exactly you want to do..thanks..Tejal

Community Member

Re: Radius Configuration

I have a Cisco Secure Server on Unix Version 2.3 (5) and I have several equipment AS5300, when a user connects by dialup to AS5300 he has that to be validate by Cisco Secure.

The configuration of Cisco Secure is:


Reply Attributes------ User-Service-Type(Framed User)

------ Frame Protocol (PPP)

Check Items -------User-Service-Type(Framed User)

-------Frame Protocol (PPP)

The User (CHAP)

I need to know when the user is connected, he can not to connect with the same one username and password for the second time.

The configuration of AS5300 is:

Ver. 12.1(1a)T1

aaa authentication login no_radius enable

aaa authentication login no_consola enable

aaa authentication login line line

aaa authentication ppp default group radius

aaa accounting update newinfo

interface Group-Async1

ip unnumbered Loopback0

encapsulation ppp

async default routing

async mode interactive

no snmp trap link-status

peer default ip address pool default

ppp authentication chap

group-range 1 120

ip radius source-interface Loopback0

radius-server host auth-port 1645 acct-port 1646 key 7 internet radius-server retransmit 3

radius-server timeout 30

radius-server key 7 internet

line 1 120

autoselect ppp

modem InOut

transport preferred none

transport input all

transport output lat pad telnet rlogin udptn v120 lapb-ta



Cisco Employee

Re: Radius Configuration

Here is the link which has a sample config discuss that in detail along with radius config too.

Now, if you don't want user to connect with the same username and password again when they dialin, you need to use OTP (one time password) where password is different for each login..Here is the place which discuss that..For

Double authentication design guide

For One time Password


Cisco Employee

Re: Radius Configuration

If i understand you correctly, you do not want the user to get in again if it has already logged in before i.e. max-session control



CreatePlease to create content