We help IT Professionals succeed at work.

Cisco Router 1800 , Windows 2003 Radius Authentication

aladin404
aladin404 asked
on
How can I make radius authentication of cisco router 1800, and can someone explain to me how it works much detailed as possible.


Thak you all for your time.
Comment
Watch Question

Network Administrator, Network Consultant
Top Expert 2011
Commented:
i think its :

aaa new-model
aaa authentication login MYMETHODS group radius local
 
radius-server host 172.16.1.15 auth-port 1645 acct-port 1646 key abcdefg
Ernie BeekSenior infrastructure engineer
Top Expert 2012
Commented:
If I might elaborate ;)

conf t
aaa new-model
aaa authentication login default group radius local
aaa authorization exec default group radius if-authenticated
aaa authorization network default group radius if-authenticated
radius-server host 1.2.3.4 auth-port 1812 acct-port 1813 key ********
line vty 0 4
login authentication default
Thomas AamodtNetwork Architect

Commented:
Problerlly you need to make RSA key's also. to encrypt the login.
Ernie BeekSenior infrastructure engineer
Top Expert 2012

Commented:
Not really. That's one 'issue' with RADIUS on Cisco's, it sends the passwords using PAP.......
SouljaSr.Net.Eng
Top Expert 2011
Commented:
Basically, the router sends all authentication requests to the radius server. The radius server checks either is local database to verify credentials or an external database, such as LDAP or Active directory. Then it either reject or accepts the request and notifies the router. In other words like TACACS, its a means of storing credentials and rights externally and centralized instead of locally on the router.