setup radius authentication for AD groups

Hello EE,

On my cisco routers, I have radius authentication setup to allow access into the router.  However, is there a way to permit access only if user is in Domain Admins AD group?  I don't want users getting to the "router>" prompt unless they are Domain Admins.

Who is Participating?
billwhartonConnect With a Mentor Commented:
you would basically have to configure the router to check for 'allow dial-in' permission set up on the user's attributes and you'll have to individually set this dial-in permission for all the domain admins

Something similar to what's being discussed on this thread:
ifmtechAuthor Commented:
Thanks for the information!

I also forgot that in the Radius Remote Access Policy I can specify Domain Admins as the WIndows Group.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.