Solved

Cisco 1921 AAA setup on has two options

Posted on 2011-03-04
10
1,399 Views
Last Modified: 2012-05-11
Working on configuring a 1921 router.  I am trying to setup aaa in the same way the ASA 5500 series are setup.  In the ASA you can setup server groups and there are several protocol choices including ntdomain.  In the 1921 the only options are radius and tacacs+.  Is there a license I am missing to get the other types or is the 1921 not capable of handling the other protocols?
0
Comment
Question by:dmwynne
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
10 Comments
 
LVL 14

Author Comment

by:dmwynne
ID: 35039640

Cisco IOS Software, C1900 Software (C1900-UNIVERSALK9-M), Version 15.1(3)T, RELE                         ASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Mon 15-Nov-10 21:08 by prod_rel_team

ROM: System Bootstrap, Version 15.0(1r)M9, RELEASE SOFTWARE (fc1)

Montreal1921 uptime is 22 hours, 51 minutes
System returned to ROM by reload at 21:30:18 UTC Thu Mar 3 2011
System image file is "flash:/c1900-universalk9-mz.SPA.151-3.T.bin"
Last reload type: Normal Reload
Last reload reason: Reload Command



This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

Cisco CISCO1921/K9 (revision 1.0) with 487424K/36864K bytes of memory.
Processor board ID FTX1450039J
6 Gigabit Ethernet interfaces
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity disabled.
255K bytes of non-volatile configuration memory.
250864K bytes of USB Flash usbflash0 (Read/Write)


License Info:

License UDI:

-------------------------------------------------
Device#   PID                   SN
-------------------------------------------------
*0        CISCO1921/K9          FTX1450039J



Technology Package License Information for Module:'c1900'

----------------------------------------------------------------
Technology    Technology-package          Technology-package
              Current       Type          Next reboot
-----------------------------------------------------------------
ipbase        ipbasek9      Permanent     ipbasek9
security      securityk9    Permanent     securityk9
data          None          None          None

Configuration register is 0x2102

Open in new window

0
 
LVL 2

Expert Comment

by:mi-sir
ID: 35039880
You are running version 15.0 and ldap was introduced in 15.1(1)T.. so you need an upgrade
than here is ldap configuration guide
http://www.cisco.com/en/US/docs/ios/sec_user_services/configuration/guide/sec_cfg_ldap.html
0
 
LVL 14

Author Comment

by:dmwynne
ID: 35040064
Doesn't line 10 show I am runing 15.1-3 IOS?

Line 10 - System image file is "flash:/c1900-universalk9-mz.SPA.151-3.T.bin"
0
Don't Cry: How Liquid Web is Ensuring Security

WannaCry is just the start. Read how Liquid Web is protecting itself and its customers against new threats.

 
LVL 2

Expert Comment

by:mi-sir
ID: 35040084
ahh sorry I over looked it so check the link about LDAP config
0
 
LVL 14

Author Comment

by:dmwynne
ID: 35040206
OK but I was wondering if this the 1921 had the options that the ASA has.
Noname.jpg
0
 
LVL 2

Expert Comment

by:mi-sir
ID: 35040287
OK didnt know you want to use GUI... not familiar with SDM I prefere CLI and  yes there you can specify
to aaa against LDAP i guess it should be in GUI too
0
 
LVL 14

Author Comment

by:dmwynne
ID: 35040611
don't really need to use the Gui I just used that screenshot to show what I was referring to.  But I don't think ldap is what I want, I need the nt domain.
0
 
LVL 28

Accepted Solution

by:
asavener earned 500 total points
ID: 35063027
It appears that the authentication methods available are:  RADIUS, tacacs+, LDAP, and local database.

NT Domain is not available for IOS-based devices.
0

Featured Post

WordPress Tutorial 4: Recommended Plugins

Now that you have WordPress installed, understand the interface, and know how to install new parts, let’s take a look at our recommended plugins.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On Feb. 28, Amazon’s Simple Storage Service (S3) went down after an employee issued the wrong command during a debugging exercise. Among those affected were big names like Netflix, Spotify and Expedia.
You deserve ‘straight talk’ from your cloud provider about your risk, your costs, security, uptime and the processes that are in place to protect your mission-critical applications.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question