Solved

Authenticate using AD credentials on Cisco switch

Posted on 2009-05-04
6
750 Views
Last Modified: 2013-12-24
I have several Cisco 2950/2960 switches, and a Windows Server 2k3 Domain Controller running IAS. Could someone please give me a step by step procedure to implement Active Directory authentication on these switches?

It would be great if I could give one AD group Level 1 access and another group Level 15 access.

Thanks in advance!
0
Comment
Question by:churchlandsshs
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 24294178
Here's part of it. Setup IAS Server, and setup AAA on the switches. This is the easy part.
http://www.blindhog.net/cisco-aaa-login-authentication-with-radius-ms-ias/

Privilege levels gets a little more complicated. You  have to define the commands that a lower-level access group can use, then assign an cisco-av-pair <level> in Radius to the users.
http://support.microsoft.com/kb/319824/?sd=RMVP&fr=1
0
 

Author Comment

by:churchlandsshs
ID: 24300645
Hi lrmoore,
Thanks for your help. I've followed the instructions on blindhog.net, but I get access denied every time. Any ideas?
0
 

Author Comment

by:churchlandsshs
ID: 24300682
Ok figured it out. The user in Active Directory must have Remote Access Permission (Dial-in or VPN) in the Dial-In tab set to Allow access.

Now i've got to figure out the Level 15 vs Level 1 settings :-)
0
What Is Transaction Monitoring and who needs it?

Synthetic Transaction Monitoring that you need for the day to day, which ensures your business website keeps running optimally, and that there is no downtime to impact your customer experience.

 
LVL 79

Expert Comment

by:lrmoore
ID: 24307142
Good job!
Let us know how you get on with the command levels.
0
 

Author Comment

by:churchlandsshs
ID: 24382418
Please find the attached instructions about how to accomplish AAA IAS authentication on Cisco IOS devices.
0
 

Accepted Solution

by:
churchlandsshs earned 0 total points
ID: 24382428
0

Featured Post

Transaction Monitoring Vs. Real User Monitoring

Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Never store passwords in plain text or just their hash: it seems a no-brainier, but there are still plenty of people doing that. I present the why and how on this subject, offering my own real life solution that you can implement right away, bringin…
These days, all we hear about hacktivists took down so and so websites and retrieved thousands of user’s data. One of the techniques to get unauthorized access to database is by performing SQL injection. This article is quite lengthy which gives bas…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question