Solved

CISCO RADIUS AUTHENTICATION

Posted on 2013-01-25
1
441 Views
Last Modified: 2013-01-30
Scenario -  Users from remote sites must gain access to specific VRF's within a Core Switch.  The fronting Router or Layer 3 Switch must direct traffic to the appropriate interface on the core Switch to ensure traffic enters the correct VRF.

I could use source IP addressing and create a route map --this is one solution.

I am also looking for a solution that would involve radius authentication.  Effectively can a Radius Server somehow or someway influence the port or interface that the traffic will exit depending on the authentication.    

example) User from Remote Site A must be directed to VRF 100.  Entry to VRF 100 on the Core Switch is through interface Gig 1/1.   This interface (Gig 1/1) is conncected directly to interface gig 2/1 on the fronting Router Cisco 3900.    How do I force the user from Site A to exit interface Gig 2/1 on the Cisco Router based on how he authenticated with the Radius Server.


I am open to employing any device including firewalls, layer 3 switches, routers etc.
0
Comment
Question by:sectel
1 Comment
 
LVL 20

Accepted Solution

by:
agonza07 earned 500 total points
ID: 38819395
Check this out.
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_usr_radatt/configuration/15-mt/sec-rad-att-104.html

Would have to be set up on the 3900 and directed to the VRF port you require. You'll have to do some testing on this to see if it works for you. I've not personally deployed it.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ASA Troubleshooting: Easy way to determine an interface's next hop 18 94
ASA DHCP setup 5 38
Switch ports not working 8 54
Router disappearing from network on one pc 18 34
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question