Re: Cisco Router RADIUS to IAS
From: Herb Martin (news_at_LearnQuick.com)
Date: 03/04/04
- Previous message: boguscrunch: "AS400 operations console using windows 2000"
- In reply to: steve: "Re: Cisco Router RADIUS to IAS"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 4 Mar 2004 16:14:27 -0600
> guess I am just looking for a website or discussion forum where people
have got this to work....when i use my w2k client to try and con to the
Caveat: I don't have a Cisco router here doing this.
(I am giving you "shoulds" only because no one else has responded.)
> vpn router...it says my username and pw do not exist on the domain...I can
also see the hyperterminal output from the router and it says unable to
My guess would be that perhaps there is (as you suggest) a "minimum IOS"
version for this to work reliably. RADIUS is a standard and either MS or
Cisco might have messed it up but both should have gotten it right by now.
> here are some basic questions i have...
> 1. can I have the dc and ias on the same box and have the cisco router get
radius authentication?
Yes, at least I have tested the IAS-DC part of this. If the Cisco works
at all, the IAS and DC can be together.
> 2. do I need special upgraded cisco software or will 12.2 ios work fine?
See above -- perhaps ask on a "cisco" list.
> 3. the settings on ias seem prety straighforward...or do I need to do a
lot more??
Not usually.
Here's a basic conceptual checklist, but do check the help for an ACTUAL
checklist.
(Many people don't realize that "checklist" is worth searching for in MS
help.)
1) Users must generally have the RRAS allowed permission on their USER
Account
properties -- in native mode+ you can let the policy do this but
let's keep it simple.
2) A "Policy" must match (IAS and RRAS Policies are virtually identical)
3) The Policy selects a SINGLE "profile" which must make sense for
access to continue
(e.g., security settings much be compatible.)
There is an IAS general setting for using the WINDOWS authentication but
that
is the default so unless you changed that then it shouldn't be an issue.
-- Herb Martin "steve" <anonymous@discussions.microsoft.com> wrote in message news:85E8104D-9B5F-4877-B0A1-28829182AF1A@microsoft.com... > thanks for the reply...I have searched all over the internet looking for cisco configs and ias setup info and I have tried different suggestions but none of them work. Some of the material says I need to have a certain version of the ios, other stuff gives me very strange settings for my ias....I guess I am just looking for a website or discussion forum where people have got this to work....when i use my w2k client to try and con to the vpn router...it says my username and pw do not exist on the domain...I can also see the hyperterminal output from the router and it says unable to find ias... i am sure I have the ip's configured correctly....do you have any generic router configs you could point me towards.. > > here are some basic questions i have... > > 1. can I have the dc and ias on the same box and have the cisco router get radius authentication? > > 2. do I need special upgraded cisco software or will 12.2 ios work fine? > > 3. the settings on ias seem prety straighforward...or do I need to do a lot more?? > > thankya kindly > > steve
- Previous message: boguscrunch: "AS400 operations console using windows 2000"
- In reply to: steve: "Re: Cisco Router RADIUS to IAS"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
