Solved

Authenticate using AD credentials on Cisco switch

Posted on 2009-05-04
6
751 Views
Last Modified: 2013-12-24
I have several Cisco 2950/2960 switches, and a Windows Server 2k3 Domain Controller running IAS. Could someone please give me a step by step procedure to implement Active Directory authentication on these switches?

It would be great if I could give one AD group Level 1 access and another group Level 15 access.

Thanks in advance!
0
Comment
Question by:churchlandsshs
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 24294178
Here's part of it. Setup IAS Server, and setup AAA on the switches. This is the easy part.
http://www.blindhog.net/cisco-aaa-login-authentication-with-radius-ms-ias/

Privilege levels gets a little more complicated. You  have to define the commands that a lower-level access group can use, then assign an cisco-av-pair <level> in Radius to the users.
http://support.microsoft.com/kb/319824/?sd=RMVP&fr=1
0
 

Author Comment

by:churchlandsshs
ID: 24300645
Hi lrmoore,
Thanks for your help. I've followed the instructions on blindhog.net, but I get access denied every time. Any ideas?
0
 

Author Comment

by:churchlandsshs
ID: 24300682
Ok figured it out. The user in Active Directory must have Remote Access Permission (Dial-in or VPN) in the Dial-In tab set to Allow access.

Now i've got to figure out the Level 15 vs Level 1 settings :-)
0
Building an interactive eFuture classroom

Watch and learn how ATEN provided a total control system solution including seamless switching matrix switch, HDBaseT extenders, PDU, lighting control to build an interactive eFuture classroom.

 
LVL 79

Expert Comment

by:lrmoore
ID: 24307142
Good job!
Let us know how you get on with the command levels.
0
 

Author Comment

by:churchlandsshs
ID: 24382418
Please find the attached instructions about how to accomplish AAA IAS authentication on Cisco IOS devices.
0
 

Accepted Solution

by:
churchlandsshs earned 0 total points
ID: 24382428
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
In this blog post, we’ll look at how ClickHouse performs in a general analytical workload using the star schema benchmark test.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question