• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 298
  • Last Modified:

setup radius authentication for AD groups

Hello EE,

On my cisco routers, I have radius authentication setup to allow access into the router.  However, is there a way to permit access only if user is in Domain Admins AD group?  I don't want users getting to the "router>" prompt unless they are Domain Admins.

Thanks!
0
ifmtech
Asked:
ifmtech
1 Solution
 
billwhartonCommented:
you would basically have to configure the router to check for 'allow dial-in' permission set up on the user's attributes and you'll have to individually set this dial-in permission for all the domain admins

Something similar to what's being discussed on this thread:
http://www.experts-exchange.com/Software/System_Utilities/Remote_Access/VPN/Q_21859657.html
0
 
ifmtechAuthor Commented:
Thanks for the information!

I also forgot that in the Radius Remote Access Policy I can specify Domain Admins as the WIndows Group.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now