RE: authentication using NT account (off topic?)

From: Brent D. Stewart, CCSI (brent.stewart@xxxxxxxxxxxxxxxxxxx)
Date: Fri Feb 23 2001 - 22:48:19 GMT-3

• Next message: Chuck Larrieu: "RE: HSRP and OSPF???"
• Previous message: Nigel Taylor: "Re: ISDN problem need help"
• Maybe in reply to: Himawan Nugroho: "authentication using NT account (off topic?)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
Windows 2000 has an Internet Authentication Service that allows it to handle
RADIUS requests. I have used it to authenticate telnet requests to a 2501
in my lab and to authenticate VPN traffic to a PIX, so I know it works with
our equipment. It is pretty straight forward to setup but has a "policy"
setting that is similar in logic to an access list and caused me trouble.
Since I wasn't trying to figure out IAS, just the router, I ended up setting
it for something bogus like "accept any at time between 0:00:00 and
23:59:59".

I never found that it kept good logs (could be wrong) so I wouldn't suggest
it for work until I was more comfortable with it, but what I wanted was a
FREE radius server that authenticated against network accounts and it worked
like a champ.

I'd send more specifics, but I have long since torn that lab down and moved
onto other things. Sorry.

Regards,
Brent

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Sathiaseelan Perumal
Sent: Thursday, February 22, 2001 5:22 AM
To: Himawan Nugroho; ccielab@groupstudy.com
Subject: Re: authentication using NT account (off topic?)

There is an microsoft NT radius available on one of the option pack cd ,
this will solve your issue.

----- Original Message -----
From: "Himawan Nugroho" <hnugroho@jakarta.omnes.slb.com>
To: <ccielab@groupstudy.com>
Sent: Wednesday, February 21, 2001 11:21 AM
Subject: authentication using NT account (off topic?)

> Hi,
> This question has nothing to do with CCIE lab (I guess)
>
> but someone came to my lab yesterday and asked how to use Win NT account
as authentication method for his AS5300, and I can't answer that.
> I tried to find out in cisco.com and can't find it. I even open TAC case
for this but nobody answer until now.
>
> This guy want his AS5300 connect to Win NT PDC and get authentication from
the NT account, so his users will use only one account, to connect to AS and
to connect to NT network.
> Can this be done?
>
> I feel so dumb, practice all OSPF and BGP theory but I can't even answer
one question!
>
> rgds,
> Himawan Nugroho
>
>

• Next message: Chuck Larrieu: "RE: HSRP and OSPF???"
• Previous message: Nigel Taylor: "Re: ISDN problem need help"
• Maybe in reply to: Himawan Nugroho: "authentication using NT account (off topic?)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:28:59 GMT-3