Solved

CISCO RADIUS AUTHENTICATION

Posted on 2013-01-25
1
439 Views
Last Modified: 2013-01-30
Scenario -  Users from remote sites must gain access to specific VRF's within a Core Switch.  The fronting Router or Layer 3 Switch must direct traffic to the appropriate interface on the core Switch to ensure traffic enters the correct VRF.

I could use source IP addressing and create a route map --this is one solution.

I am also looking for a solution that would involve radius authentication.  Effectively can a Radius Server somehow or someway influence the port or interface that the traffic will exit depending on the authentication.    

example) User from Remote Site A must be directed to VRF 100.  Entry to VRF 100 on the Core Switch is through interface Gig 1/1.   This interface (Gig 1/1) is conncected directly to interface gig 2/1 on the fronting Router Cisco 3900.    How do I force the user from Site A to exit interface Gig 2/1 on the Cisco Router based on how he authenticated with the Radius Server.


I am open to employing any device including firewalls, layer 3 switches, routers etc.
0
Comment
Question by:sectel
1 Comment
 
LVL 20

Accepted Solution

by:
agonza07 earned 500 total points
ID: 38819395
Check this out.
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_usr_radatt/configuration/15-mt/sec-rad-att-104.html

Would have to be set up on the 3900 and directed to the VRF port you require. You'll have to do some testing on this to see if it works for you. I've not personally deployed it.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question