[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1072
  • Last Modified:

How to make a Radius server with a Cisco 1841 Router ?

I have a Cisco 1841 router connect to a Cisco WAP4410N WiFi Access Point. On the router, I use AAA local authentication for VPN users. I would like to use the same set of login/password to access WiFI with WPA2 Enterprise. I have no other server on site, so I would like to use the router as a Radius server for the AP. Is it possible ? How can I do that ?

Thanks
0
isstar
Asked:
isstar
  • 3
  • 3
  • 2
2 Solutions
 
emilgasCommented:
how did you have your AAA authentication setup? Did you setup TACACS+ or something else?
0
 
SouljaCommented:
Not to my knowledge. The router can only refer to a radius server, not be one. There are free radius solutions out there.
0
 
SouljaCommented:
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
isstarAuthor Commented:
@emilgas No TACACS+. Here is a piece of my config file :

aaa new-model
!
!
aaa authentication login default local
aaa authentication login BTN-VPN local
aaa authorization exec default local 
aaa authorization network BTN-VPN local 
!
!
aaa session-id common
!
username antoine privilege 15 secret 5 xxxxxxx
!
crypto isakmp profile BTN-VPN-IKE
   match identity group BTN-VPN
   client authentication list BTN-VPN
   isakmp authorization list BTN-VPN
   client configuration address respond
   virtual-template 1

Open in new window


@Soulja An external FreeRadius server would be better, I agree. But as I can put no computer on site, it 's not possible.
0
 
SouljaCommented:
The radius does not have to be locally at the site. As long as the router can communicate with it, you will be fine. Otherwise you only other option is local usernames on the router.
0
 
emilgasCommented:
That's right, Radius server can be on this side of the VPN tunnel. as long as you provide the your wireless where it is and it's accessible you are all good.
0
 
isstarAuthor Commented:
Ok I will try with a FreeRadius offsite server.

Thanks to both of you
0
 
isstarAuthor Commented:
No solution but good workaround.
0

Featured Post

Granular recovery for Microsoft Exchange

With Veeam Explorer for Microsoft Exchange you can choose the Exchange Servers and restore points you’re interested in, and Veeam Explorer will present the contents of those mailbox stores for browsing, searching and exporting.

  • 3
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now