From: Chris Johnston (chris@routerguy.com)
Date: Mon May 19 2003 - 04:06:50 GMT-3
Hi Robert;
I use IAS all of the time for double authentication with the PIX VPN
clients. Works really well.
I too, have wished I could control certain access within the IOS gear
but have not been able to (easily) locate the configuration "stuff"
needed to make that happen.
What the IAS seems to lack is the ability to send back AV pairs to
handle the authorization. In this case, Microsoft has given us a
wonderful AA tool. Not AAA. (As in Authentication and Accounting, Not
Authentication, Authorization and Accounting).
Radius on most *NIX platforms will allow you to do Cisco AV pairs but it
requires a lot of mental jumping jacks to get there.
If you manage to figure out how to get IAS send back AV pairs to the IOS
gear, let us all know.
Then again, this sounds like an interesting challenge for this week.
Chris Johnston
714-306-5746
949-653-8819 (fax)
Cannot find REALITY.SYS. Universe halted.
-------------------------------------------------------------------
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Robert N Myhre
Sent: Saturday, May 17, 2003 12:34 PM
To: ccielab@groupstudy.com
Subject: Microsoft IAS for Radius
Has anyone used Microsoft's IAS server as a Radius server for logon
authentication and authorization?
I have the authentication piece working fine, but I cannot find a way to
get an autocommand to work properly based on the user credentials
supplied. Has anyone got this to work?
Thanks
Robert
This archive was generated by hypermail 2.1.4 : Mon Jun 02 2003 - 15:13:45 GMT-3