Solved

Authenticate using AD credentials on Cisco switch

Posted on 2009-05-04
6
732 Views
Last Modified: 2013-12-24
I have several Cisco 2950/2960 switches, and a Windows Server 2k3 Domain Controller running IAS. Could someone please give me a step by step procedure to implement Active Directory authentication on these switches?

It would be great if I could give one AD group Level 1 access and another group Level 15 access.

Thanks in advance!
0
Comment
Question by:churchlandsshs
  • 4
  • 2
6 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 24294178
Here's part of it. Setup IAS Server, and setup AAA on the switches. This is the easy part.
http://www.blindhog.net/cisco-aaa-login-authentication-with-radius-ms-ias/

Privilege levels gets a little more complicated. You  have to define the commands that a lower-level access group can use, then assign an cisco-av-pair <level> in Radius to the users.
http://support.microsoft.com/kb/319824/?sd=RMVP&fr=1
0
 

Author Comment

by:churchlandsshs
ID: 24300645
Hi lrmoore,
Thanks for your help. I've followed the instructions on blindhog.net, but I get access denied every time. Any ideas?
0
 

Author Comment

by:churchlandsshs
ID: 24300682
Ok figured it out. The user in Active Directory must have Remote Access Permission (Dial-in or VPN) in the Dial-In tab set to Allow access.

Now i've got to figure out the Level 15 vs Level 1 settings :-)
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 79

Expert Comment

by:lrmoore
ID: 24307142
Good job!
Let us know how you get on with the command levels.
0
 

Author Comment

by:churchlandsshs
ID: 24382418
Please find the attached instructions about how to accomplish AAA IAS authentication on Cisco IOS devices.
0
 

Accepted Solution

by:
churchlandsshs earned 0 total points
ID: 24382428
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Join & Write a Comment

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
Video by: Steve
Using examples as well as descriptions, step through each of the common simple join types, explaining differences in syntax, differences in expected outputs and showing how the queries run along with the actual outputs based upon a simple set of dem…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now