I am in the process of setting up radius authentication on all our routers and switches. I have configured an account on the radius server but I want to restrict access to the router to this one account only. At present any user on the radius server can log on as long as he has the correct credentials. How can I make sure that only this one users credentials allows access to the router ?
Can I do this within the IOS or is there something within AD/IAS (radius) on the authentication server ?
Re: Restrict users who can telnet/console via radius
Thanks fot the reply,
I do not have a problem with getting radius up and running, it is already working ok. What i want to do is limit the users who can log on (telnet on to the cisco etc )via radius. by this i mean there may be 250 valid dialin users but i only want to let a small number have the ability to log on to the cisco devices. the remainder should just be able to authenticate on to the domain as normal but they cant use their usernames and password to authenticate in to the cisco device itself,
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...