dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
share rss forum feed


addp009
Premium
join:2003-03-08
Kitchener, ON
reply to addp009

Re: IOS and Active Directory intergration using Radius

Thanks guys,

I actually found solution that works. I created loopback interfaces, then use aaa group server radius groups, set the radius server and a source interface to one of the loopbacks.
On the radius server, create clients based on the loopback interface addresses, then create policies matching on Client Friendly Name or Client Address (which are the loopbacks addresses)

aaa group server radius vpnradius
 server-private 10.0.0.2 auth-port 1645 acct-port 1646 key <deleted>
 ip radius source-interface Loopback0
!
aaa authentication login vpnclientauth group vpnradius local
 

--
Addp009's Site


refused

join:2005-10-10
thats good you got it working, but its possible to do it without creating another interface. my suggestion is basically the same idea of what you did, except using a different attribute on the radius server, and without having to create the loopback interface. just a heads up.