dslreports logo
spacer Home Reviews Speed Test Tools News Forums Info About Join  
 
    All Forums Hot Topics Gallery
spc

Search similar:
ForumsEquipment SupportHardware By Brand

Cisco[HELP] Remote Access ...

 uniqs
1143
Share
« Resetting Catalyst 2900XL to Default ConfigUpgrade PDM / OS software on PIX 501 »
aastal
join:2003-12-30
1300

aastal

Member

2003-Dec-30 12:11 pm

[HELP] Remote Access ...

Hi,

I need some help for drawing small sketch diagram for the components of the following scenario.
We are about to order Analog Modem explained in this link:

'http://www.cisco.com/en/US/products/hw/routers/ps259/products_data_sheet 09186a00801b1c38.html'

i need some help from you to draw the map as to help me understand the different parts of the solution (16 port analog modem, 2600 router, authentication and user management, auditing).

some body told me about the TACACS and Radius methods for authentication and auditing. i tried hardly to find how these components will be integrated and listed on the diagram.

I really do appreciate your quick response.
Thanks in advance for help,
Ashraf
actions · 2003-Dec-30 12:11 pm ·

Covenant
MVM
join:2003-07-01
England

Covenant

MVM

2003-Dec-30 12:23 pm

Have a look at this to see how it will be implemented without TACACS and radius methods:

»www.cisco.com/en/US/prod ··· cd.shtml

Authentication is carried out by the router itself.

You might want to have a look at these links too:

Radius

TACACS

Hope these help.
actions · 2003-Dec-30 12:23 pm ·
Covenant

Covenant to aastal

MVM

2003-Dec-30 12:25 pm

to aastal
and BTW... welcome to the Cisco Forum. LOL!
actions · 2003-Dec-30 12:25 pm ·
Covenant

Covenant to aastal

MVM

2003-Dec-30 12:50 pm

to aastal
Click for full size
I *think* this is what you want your network to look like but since I am not familiar with your setup, this is only a stab in the dark.

Good luck Ashraf.
actions · 2003-Dec-30 12:50 pm ·
aastal
join:2003-12-30
1300

aastal

Member

2003-Dec-30 1:08 pm

Well,

Many thanks for your quick reply
One more thing i still need to know,

How i can track dial in users (Auditing)? in both cases using TACACS/Radius or without using TACACS/Radius ..

Thanks,
actions · 2003-Dec-30 1:08 pm ·

nozero
Eschew Obfuscation
MVM,
join:1999-12-29
InnerSanctum

nozero to aastal

MVM,

2003-Dec-30 1:31 pm

to aastal
Welcome to BBR and the Cisco Forum aastal See Profile and congratulations on your first post as a member. Great to have you here.
actions · 2003-Dec-30 1:31 pm ·

Covenant
MVM
join:2003-07-01
England

Covenant to aastal

MVM

2003-Dec-30 1:33 pm

to aastal
With TACACS/RADIUS Server, depends on the server.

With the router performing the authentication, you can use SNMP, syslog or just a normal show command:

Praetorian#sh aaa ?
  attributes    Show attributes supported by AAA subsystem
  cache         Show contents of AAA caches
  method-lists  Show method lists defined in the AAA subsystem
  servers       Show AAA Servers as seen by the AAA Server MIB
  sessions      Show AAA Sessions as seen by AAA Session MIB
  user          Show users active in the AAA subsystem

For all its faults, Windows Server is a decent RADIUS server.

Here's a link for the background:

»www.microsoft.com/techne ··· dius.asp

*Personally*, I would use a RADIUS server, hence making user management easier from the point of security and it also facilitates auditing. Just my 2 pence.
actions · 2003-Dec-30 1:33 pm ·
aastal
join:2003-12-30
1300

aastal

Member

2003-Dec-30 1:53 pm

Nozero, Thanks for your greetings ...:D

Covenant, You are a super hero

Following up to the Radius issue, can we integrate it with Active Directory Windows2000?

and can radius be installed on the same machine running windows 2000 Active Directory?

and finally, i noticed on your diagram that you placed two radius servers, why?

Thanks again,
Happy new year in advance,
Ashraf
actions · 2003-Dec-30 1:53 pm ·

Covenant
MVM
join:2003-07-01
England

1 recommendation

Covenant

MVM

2003-Dec-30 2:06 pm

said by aastal:
Following up to the Radius issue, can we integrate it with Active Directory Windows2000?

and can radius be installed on the same machine running windows 2000 Active Directory?
I believe so but may I suggest you post a question in the MS forum (link below) to ask them these questions and also for docs on how to do it. The guys there are really good:

»Microsoft
said by aastal:

and finally, i noticed on your diagram that you placed two radius servers, why?
Redundancy being one of the myriad of other reasons. But you only really need a primary RADIUS server, the secondary is optional.

New year greetings to you too Ashraf.
actions · 2003-Dec-30 2:06 pm ·
ForumsEquipment SupportHardware By BrandCisco
« Resetting Catalyst 2900XL to Default ConfigUpgrade PDM / OS software on PIX 501 »