• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 302
  • Last Modified:

setup radius authentication for AD groups

Hello EE,

On my cisco routers, I have radius authentication setup to allow access into the router.  However, is there a way to permit access only if user is in Domain Admins AD group?  I don't want users getting to the "router>" prompt unless they are Domain Admins.

Thanks!
0
ifmtech
Asked:
ifmtech
1 Solution
 
billwhartonCommented:
you would basically have to configure the router to check for 'allow dial-in' permission set up on the user's attributes and you'll have to individually set this dial-in permission for all the domain admins

Something similar to what's being discussed on this thread:
http://www.experts-exchange.com/Software/System_Utilities/Remote_Access/VPN/Q_21859657.html
0
 
ifmtechAuthor Commented:
Thanks for the information!

I also forgot that in the Radius Remote Access Policy I can specify Domain Admins as the WIndows Group.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now