dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
895
share rss forum feed

aastal

join:2003-12-30
1300

[HELP] Remote Access ...

Hi,

I need some help for drawing small sketch diagram for the components of the following scenario.
We are about to order Analog Modem explained in this link:

www.cisco.com/en/US/products/hw/···ta_sheet 09186a00801b1c38.html'

i need some help from you to draw the map as to help me understand the different parts of the solution (16 port analog modem, 2600 router, authentication and user management, auditing).

some body told me about the TACACS and Radius methods for authentication and auditing. i tried hardly to find how these components will be integrated and listed on the diagram.

I really do appreciate your quick response.
Thanks in advance for help,
Ashraf


Covenant
Premium,MVM
join:2003-07-01
England
Have a look at this to see how it will be implemented without TACACS and radius methods:

»www.cisco.com/en/US/products/hw/···cd.shtml

Authentication is carried out by the router itself.

You might want to have a look at these links too:

Radius

TACACS

Hope these help.


Covenant
Premium,MVM
join:2003-07-01
England
reply to aastal
and BTW... welcome to the Cisco Forum. LOL!


Covenant
Premium,MVM
join:2003-07-01
England
reply to aastal
Click for full size
I *think* this is what you want your network to look like but since I am not familiar with your setup, this is only a stab in the dark.

Good luck Ashraf.

aastal

join:2003-12-30
1300
reply to aastal
Well,

Many thanks for your quick reply
One more thing i still need to know,

How i can track dial in users (Auditing)? in both cases using TACACS/Radius or without using TACACS/Radius ..

Thanks,


nozero
Eschew Obfuscation
Premium,MVM,ExMod 2003-06
join:1999-12-29
InnerSanctum
kudos:3
Reviews:
·PowWeb
·Time Warner Cable
reply to aastal
Welcome to BBR and the Cisco Forum aastal See Profile and congratulations on your first post as a member. Great to have you here.


Covenant
Premium,MVM
join:2003-07-01
England
reply to aastal
With TACACS/RADIUS Server, depends on the server.

With the router performing the authentication, you can use SNMP, syslog or just a normal show command:

Praetorian#sh aaa ?
attributes Show attributes supported by AAA subsystem
cache Show contents of AAA caches
method-lists Show method lists defined in the AAA subsystem
servers Show AAA Servers as seen by the AAA Server MIB
sessions Show AAA Sessions as seen by AAA Session MIB
user Show users active in the AAA subsystem

For all its faults, Windows Server is a decent RADIUS server.

Here's a link for the background:

»www.microsoft.com/technet/treevi···dius.asp

*Personally*, I would use a RADIUS server, hence making user management easier from the point of security and it also facilitates auditing. Just my 2 pence.

aastal

join:2003-12-30
1300
reply to aastal
Nozero, Thanks for your greetings ...:D

Covenant, You are a super hero

Following up to the Radius issue, can we integrate it with Active Directory Windows2000?

and can radius be installed on the same machine running windows 2000 Active Directory?

and finally, i noticed on your diagram that you placed two radius servers, why?

Thanks again,
Happy new year in advance,
Ashraf


Covenant
Premium,MVM
join:2003-07-01
England

1 recommendation

said by aastal:
Following up to the Radius issue, can we integrate it with Active Directory Windows2000?

and can radius be installed on the same machine running windows 2000 Active Directory?

I believe so but may I suggest you post a question in the MS forum (link below) to ask them these questions and also for docs on how to do it. The guys there are really good:

»Microsoft

said by aastal:

and finally, i noticed on your diagram that you placed two radius servers, why?

Redundancy being one of the myriad of other reasons. But you only really need a primary RADIUS server, the secondary is optional.

New year greetings to you too Ashraf.