Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Vendor Specific Attributes for IAS - What Needs to be Done?

Can somebody explain the necessary VSA attributes for configuring standard PEAP authentication against a Windows 2003 IAS RADIUS server? Is this a requirement to do so? If so, what is the syntax and procedure for doing so?

1 REPLY
Anonymous
N/A

Re: Vendor Specific Attributes for IAS - What Needs to be Done?

If you are simply going to authenticate dial-in users, based on their username/password, via Radius, then this will be possible using standard IETF attributes that both Cisco IOS as well as Microsoft's IAS support without additional configuration.If you want to use any vendor-specific functionality, then you can go for VSAs.

Examples for vendor-specific functionality where extra configuration on IAS is needed would be per-user attributes such as per-user static routes or per-user access lists, as these are implemented using Cisco VSA's. Similary, Microsoft VSA's need to be used if Microsoft proprietary functions, such as MPPE, are to be used. This document might be of use for you:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/secur_c/scprt6/scradatb.htm#8767

253
Views
0
Helpful
1
Replies
CreatePlease to create content