Solved

setup radius authentication for AD groups

Posted on 2008-09-29
2
294 Views
Last Modified: 2013-12-24
Hello EE,

On my cisco routers, I have radius authentication setup to allow access into the router.  However, is there a way to permit access only if user is in Domain Admins AD group?  I don't want users getting to the "router>" prompt unless they are Domain Admins.

Thanks!
0
Comment
Question by:ifmtech
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 11

Accepted Solution

by:
billwharton earned 400 total points
ID: 22601834
you would basically have to configure the router to check for 'allow dial-in' permission set up on the user's attributes and you'll have to individually set this dial-in permission for all the domain admins

Something similar to what's being discussed on this thread:
http://www.experts-exchange.com/Software/System_Utilities/Remote_Access/VPN/Q_21859657.html
0
 
LVL 1

Author Comment

by:ifmtech
ID: 22606673
Thanks for the information!

I also forgot that in the Radius Remote Access Policy I can specify Domain Admins as the WIndows Group.
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When table data gets too large to manage or queries take too long to execute the solution is often to buy bigger hardware or assign more CPUs and memory resources to the machine to solve the problem. However, the best, cheapest and most effective so…
In this blog post, we’ll look at how ClickHouse performs in a general analytical workload using the star schema benchmark test.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question