From: Brian Dennis (bdennis@internetworkexpert.com)
Date: Wed Dec 15 2004 - 14:13:19 GMT-3
Tim,
Enable aaa (aaa new-model) then type "aaa authentication ?" in
the global configuration. The answer will be there ;-)
Brian Dennis, CCIE #2210 (R&S/ISP-Dial/Security)
bdennis@internetworkexpert.com
Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987
Direct: 775-745-6404 (Outside the US and Canada)
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
ccie2be
Sent: Wednesday, December 15, 2004 8:50 AM
To: Group Study
Subject: PPP Authentication
Hi guys,
Suppose you have a user (or router) that calls into another router using
ISDN
and PPP.
You want the user (or router) calling in to be authenticated but instead
of
using the local username database, you want the caller to be
authenticated using TACACS+ or RADIUS.
I know how to configure everything except how to configured the called
router
to use an authentication server to authenticate the caller.
So, let's say I want chap used between the caller and the router and
TACACS+
between the router and authentication server.
I would still use the commmand, ppp authentication chap, under the bri
interface, right?
Now, after the caller submits his username and password using Chap, how
do I
make the router send that to the TACACS+ server?
Assume all the other commands for tacacs and ppp have been configured.
Thanks, Tim
This archive was generated by hypermail 2.1.4 : Mon Jan 03 2005 - 10:31:27 GMT-3