Solved

CISCO RADIUS AUTHENTICATION

Posted on 2013-01-25
1
442 Views
Last Modified: 2013-01-30
Scenario -  Users from remote sites must gain access to specific VRF's within a Core Switch.  The fronting Router or Layer 3 Switch must direct traffic to the appropriate interface on the core Switch to ensure traffic enters the correct VRF.

I could use source IP addressing and create a route map --this is one solution.

I am also looking for a solution that would involve radius authentication.  Effectively can a Radius Server somehow or someway influence the port or interface that the traffic will exit depending on the authentication.    

example) User from Remote Site A must be directed to VRF 100.  Entry to VRF 100 on the Core Switch is through interface Gig 1/1.   This interface (Gig 1/1) is conncected directly to interface gig 2/1 on the fronting Router Cisco 3900.    How do I force the user from Site A to exit interface Gig 2/1 on the Cisco Router based on how he authenticated with the Radius Server.


I am open to employing any device including firewalls, layer 3 switches, routers etc.
0
Comment
Question by:sectel
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 20

Accepted Solution

by:
agonza07 earned 500 total points
ID: 38819395
Check this out.
http://www.cisco.com/en/US/docs/ios-xml/ios/sec_usr_radatt/configuration/15-mt/sec-rad-att-104.html

Would have to be set up on the 3900 and directed to the VRF port you require. You'll have to do some testing on this to see if it works for you. I've not personally deployed it.
0

Featured Post

Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Arrow Electronics was searching for a KVM  (Keyboard/Video/Mouse) switch that could display on one single monitor the current status of all units being tested on the rack.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question