RE: RADIUS question

From: Pilkinton, Scott (SPilkinton@xxxxxxxxxxxxxxxxxxxxxxxx)
Date: Wed May 01 2002 - 22:52:40 GMT-3

• Next message: Tu Nguyen: "RE: Hey ! check out this site..."
• Previous message: Chris Larson: "Re: CCIE #9240"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
Jason,

We have this running using Win2k & IAS. The key is defining this in your Remot
e Access Policy. We are using Active Directory authentication and two remote a
ccess policies.

The policy for RAS users match two different requirements - They must be in a p
articular windows group, and they must be trying to authenticate from a particu
lar radius client (the remote access server).

We use the other policy with the admins for telnet access to do router administ
ration. Same deal - unique windows group and they must be trying to authentica
te from one of a number of sources (any the routers and switches in the network
 configured for AAA).

Scott Pilkinton
Network Engineer
Gaylord Entertainment

        -----Original Message-----
        From: Jason Sinclair [mailto:sinclairj@powertel.com.au]
        Sent: Tue 4/30/2002 6:44 PM
        To: 'ccielab@groupstudy.com'
        Cc:
        Subject: RADIUS question
        
        

        All,
        
        Let's say that you have a RADIUS server that you want to authenticate r
outer
        logins on and also want to use this for RAS access. Can you configure
        certain user/pass pairs to only be allowed to access routers, and other
s
        only to dial in?
        
        Cheers,
        
        Jason Sinclair CCIE #9100
        Manager, Network Support Group
        POWERTEL
        Ground Level, 55 Clarence Street,
        SYDNEY NSW 2000
        AUSTRALIA
        office: + 61 2 8264 3820
        mobile: + 61 416 105 858
        * sinclairj@powertel.com.au
        
        
        
        
        **********************************************************************
        PowerTel Limited, winners of
        Broadband Wholesale Carrier of the year, CommsWorld Telecomms Awards 20
01
        Best Emerging Telco, Australian Telecom Awards 2001
        
        **********************************************************************
        This email (including all attachments) is intended solely for the named
        addressee. It is confidential and may contain commercially sensitive
        information. If you receive it in error, please let us know by reply em
ail,
        delete it from your system and destroy any copies.
        
        This email is also subject to copyright. No part of it should be reprod
uced,
        adapted or transmitted without the prior written consent of the copyrig
ht owner.
        
        Emails may be interfered with, may contain computer viruses or other de
fects
        and may not be successfully replicated on other systems. We give no
        warranties in relation to these matters. If you have any doubts about
        the authenticity of an email purportedly sent by us, please contact us
        immediately.
        
        **********************************************************************

• Next message: Tu Nguyen: "RE: Hey ! check out this site..."
• Previous message: Chris Larson: "Re: CCIE #9240"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:58:48 GMT-3