To configure IAS in this instance (once it has been installed and registered with Active Directory), we’ll do the following:
Add the Cisco Catalyst switch as a RADIUS client. We’ll need to be sure to specify the same shared secret as used in the switch configuration above. You can specify the Cisco switch either by DNS name (if it is registered in DNS) or by IP address.
Create a new remote access policy that grants remote access permission. The conditions on the policy should be “NAS-IP-Address” (set to the IP address of the Cisco equipment) and “Windows-Groups” (set to whatever group should be allowed to authenticate to the switch.
Configure the profile to use only PAP authentication and no encryption.
Service Type (Vendor=Radius Standard), Value=Framed.
Client Vendor = RADIUS Standard or CISCO
http://fixingit.wordpress.com/2009/09/08/using-windows-server-2008-as-a-radius-server-for-a-cisco-asa/
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment