Solved

How do I configure IAS to Authenticate a C2950 Switch

Posted on 2008-06-12
3
299 Views
Last Modified: 2008-06-26
I currently ave IAS installed on a Windows 2000 Server. I have 2 clients added which are ASA boxes used for VPN and they are setup to authenticate with Radius if the user is in a certain Active Directory Group. This works fine. Now I am looking at using the same IAS Server to authenticate users logging in to manage our switches (Cisco 2950s). From what I can see in the IAS console I can add additional policies but I don't see how to attach a policy to a client. I still want to leave the initial policy for my ASA clients (They must be in the VPN AD group) but for the Switch client I want only users that are in a different AD group (They must be in the Switch AD group) It looks like if I add additional policies my ASA clients will check all ploicies. Can I use IAS for both my needs here?
0
Comment
Question by:Sighclops
  • 2
3 Comments
 
LVL 19

Accepted Solution

by:
Zaheer Iqbal earned 125 total points
Comment Utility
0
 

Author Comment

by:Sighclops
Comment Utility
This is a great article and I did find it on the web before. Follow it and i am up authenticating AD users for Switch management.

The main question above and which I am still trying to figure out is how to define a policy depending on the client. If I remove a user from my VPN AD group because I do not want them connecting via VPN but if they are in either of my Switch AD groups they will be able to connect via VPN. No matter which client looks for authentication it will go down the policies from top to bottom until it finds a match.
0
 

Author Comment

by:Sighclops
Comment Utility
I have managed to get things working but not the way i would like. VPN enabled users can still connect and will be authenticated but they will not be authorized and receive an error.

I will mark this question as answered as the answer above does address the title of my question. Hopefully Windows 2003 will have more options as i may upgrade to this soon.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
VLAN Query 25 141
Multiple syslog servers on asa and fwsm ? 3 75
Monitor Internet Usage by Device 2 49
Cisco ACS TACACS 2 38
Managing 24/7 IT Operations is a hands-on job and indeed a difficult one. Over the years I have found some simple tips and techniques to increase the efficiency of the overall operations. The core concept has always been on continuous improvement; a…
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now