Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Cisco 1921 AAA setup on has two options

Posted on 2011-03-04
10
Medium Priority
?
1,421 Views
Last Modified: 2012-05-11
Working on configuring a 1921 router.  I am trying to setup aaa in the same way the ASA 5500 series are setup.  In the ASA you can setup server groups and there are several protocol choices including ntdomain.  In the 1921 the only options are radius and tacacs+.  Is there a license I am missing to get the other types or is the 1921 not capable of handling the other protocols?
0
Comment
Question by:dmwynne
  • 4
  • 3
10 Comments
 
LVL 14

Author Comment

by:dmwynne
ID: 35039640

Cisco IOS Software, C1900 Software (C1900-UNIVERSALK9-M), Version 15.1(3)T, RELE                         ASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Mon 15-Nov-10 21:08 by prod_rel_team

ROM: System Bootstrap, Version 15.0(1r)M9, RELEASE SOFTWARE (fc1)

Montreal1921 uptime is 22 hours, 51 minutes
System returned to ROM by reload at 21:30:18 UTC Thu Mar 3 2011
System image file is "flash:/c1900-universalk9-mz.SPA.151-3.T.bin"
Last reload type: Normal Reload
Last reload reason: Reload Command



This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

Cisco CISCO1921/K9 (revision 1.0) with 487424K/36864K bytes of memory.
Processor board ID FTX1450039J
6 Gigabit Ethernet interfaces
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity disabled.
255K bytes of non-volatile configuration memory.
250864K bytes of USB Flash usbflash0 (Read/Write)


License Info:

License UDI:

-------------------------------------------------
Device#   PID                   SN
-------------------------------------------------
*0        CISCO1921/K9          FTX1450039J



Technology Package License Information for Module:'c1900'

----------------------------------------------------------------
Technology    Technology-package          Technology-package
              Current       Type          Next reboot
-----------------------------------------------------------------
ipbase        ipbasek9      Permanent     ipbasek9
security      securityk9    Permanent     securityk9
data          None          None          None

Configuration register is 0x2102

Open in new window

0
 
LVL 2

Expert Comment

by:mi-sir
ID: 35039880
You are running version 15.0 and ldap was introduced in 15.1(1)T.. so you need an upgrade
than here is ldap configuration guide
http://www.cisco.com/en/US/docs/ios/sec_user_services/configuration/guide/sec_cfg_ldap.html
0
 
LVL 14

Author Comment

by:dmwynne
ID: 35040064
Doesn't line 10 show I am runing 15.1-3 IOS?

Line 10 - System image file is "flash:/c1900-universalk9-mz.SPA.151-3.T.bin"
0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
LVL 2

Expert Comment

by:mi-sir
ID: 35040084
ahh sorry I over looked it so check the link about LDAP config
0
 
LVL 14

Author Comment

by:dmwynne
ID: 35040206
OK but I was wondering if this the 1921 had the options that the ASA has.
Noname.jpg
0
 
LVL 2

Expert Comment

by:mi-sir
ID: 35040287
OK didnt know you want to use GUI... not familiar with SDM I prefere CLI and  yes there you can specify
to aaa against LDAP i guess it should be in GUI too
0
 
LVL 14

Author Comment

by:dmwynne
ID: 35040611
don't really need to use the Gui I just used that screenshot to show what I was referring to.  But I don't think ldap is what I want, I need the nt domain.
0
 
LVL 28

Accepted Solution

by:
asavener earned 2000 total points
ID: 35063027
It appears that the authentication methods available are:  RADIUS, tacacs+, LDAP, and local database.

NT Domain is not available for IOS-based devices.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This month, Experts Exchange’s free Course of the Month is focused on CompTIA IT Fundamentals.
Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

926 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question