[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

How do I configure IAS to Authenticate a C2950 Switch

Posted on 2008-06-12
3
Medium Priority
?
307 Views
Last Modified: 2008-06-26
I currently ave IAS installed on a Windows 2000 Server. I have 2 clients added which are ASA boxes used for VPN and they are setup to authenticate with Radius if the user is in a certain Active Directory Group. This works fine. Now I am looking at using the same IAS Server to authenticate users logging in to manage our switches (Cisco 2950s). From what I can see in the IAS console I can add additional policies but I don't see how to attach a policy to a client. I still want to leave the initial policy for my ASA clients (They must be in the VPN AD group) but for the Switch client I want only users that are in a different AD group (They must be in the Switch AD group) It looks like if I add additional policies my ASA clients will check all ploicies. Can I use IAS for both my needs here?
0
Comment
Question by:Sighclops
  • 2
3 Comments
 
LVL 20

Accepted Solution

by:
Zaheer Iqbal earned 375 total points
ID: 21777754
0
 

Author Comment

by:Sighclops
ID: 21804856
This is a great article and I did find it on the web before. Follow it and i am up authenticating AD users for Switch management.

The main question above and which I am still trying to figure out is how to define a policy depending on the client. If I remove a user from my VPN AD group because I do not want them connecting via VPN but if they are in either of my Switch AD groups they will be able to connect via VPN. No matter which client looks for authentication it will go down the policies from top to bottom until it finds a match.
0
 

Author Comment

by:Sighclops
ID: 21877015
I have managed to get things working but not the way i would like. VPN enabled users can still connect and will be authenticated but they will not be authorized and receive an error.

I will mark this question as answered as the answer above does address the title of my question. Hopefully Windows 2003 will have more options as i may upgrade to this soon.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Suggested Courses

612 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question