Cisco Switch Radius Configuration Work With TekRADIUS AD Authentication - NETSEC


Wednesday, August 14, 2013

Cisco Switch Radius Configuration Work With TekRADIUS AD Authentication

Cisco Switch Example Configuration:

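! AAA must be enabled before the aaa method lists below are accepted
aaa new-model
! Login and exec authorization: local user database first, then RADIUS
aaa authentication login default local group radius
! Enable: enable password first, then RADIUS
aaa authentication enable default enable group radius
aaa authorization exec default local group radius
! TekRADIUS server; "cisco" is the sample shared secret and must match the server side
radius-server host 10.9.2.4 auth-port 1812 acct-port 1646 key cisco
line vty 0 4
 authorization exec default
 login authentication default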

TekRADIUS Configuration:








Logs:

RadAuth req. from : 10.94.200.11:1645 - 14/08/2013 10:58:00 AM
Size              : 97 / 97
Identifier        : 111
Attributes        :

NAS-Port-Id = tty1
NAS-Port-Type = 5
Reply-Message = Password:
Calling-Station-Id = 10.4.2.4
NAS-IP-Address = 10.4.2.11
NAS-Port = 1
User-Name = yanjohn

14/08/2013 10:58:00 AM - Active Directory Authentication commencing for user 'yanjohn'

14/08/2013 10:58:00 AM - Debug message (Check_AD_Group) : An operations error occurred.


14/08/2013 10:58:00 AM - Active Directory group does not match.

14/08/2013 10:58:00 AM - Active Directory group does not match, sending Failure-Reply (Reject).

14/08/2013 10:58:00 AM - Fetching Failure-Reply items - Start.

14/08/2013 10:58:00 AM - Fetching Failure-Reply items - Stop.

14/08/2013 10:58:00 AM - Generating Reply Packet - Start.

14/08/2013 10:58:00 AM - Generating Reply Packet - Stop.
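
The reject in the log above comes right after a Check_AD_Group debug error, which is worth separating from an ordinary group mismatch when reviewing these logs. The script below is an added example, not part of the original post or of TekRADIUS; it assumes the log layout shown above, and the function name triage and the outcome labels are made up for illustration.

```python
import re

# Constructed sample: the log excerpt from this post, trimmed to the lines the parser uses.
SAMPLE_LOG = """\
RadAuth req. from : 10.94.200.11:1645 - 14/08/2013 10:58:00 AM
Attributes        :
NAS-IP-Address = 10.4.2.11
User-Name = yanjohn
14/08/2013 10:58:00 AM - Active Directory Authentication commencing for user 'yanjohn'
14/08/2013 10:58:00 AM - Debug message (Check_AD_Group) : An operations error occurred.
14/08/2013 10:58:00 AM - Active Directory group does not match, sending Failure-Reply (Reject).
"""

# Line shapes assumed from the excerpt: request header, "Name = value" attribute, timestamped event.
REQ = re.compile(r"^RadAuth req\. from\s*:\s*(\S+?):(\d+) - (.+)$")
ATTR = re.compile(r"^([A-Za-z-]+) = (.*)$")
EVENT = re.compile(r"^\d{2}/\d{2}/\d{4} \d{1,2}:\d{2}:\d{2} [AP]M - (.*)$")
AD_DEBUG = re.compile(r"^Debug message \(Check_AD_Group\) : (.*)$")
FIELDS = {"User-Name": "user", "NAS-IP-Address": "nas"}

def triage(log_text):
    """Return one dict per request block: source, time, user, NAS, AD debug text, outcome."""
    results, cur = [], None
    for raw in log_text.splitlines():
        line = raw.strip()
        m = REQ.match(line)
        if m:  # a new request block starts here
            cur = {"source": m.group(1), "time": m.group(3), "user": None,
                   "nas": None, "ad_error": None, "outcome": "unknown"}
            results.append(cur)
            continue
        if cur is None:
            continue
        ev = EVENT.match(line)
        if ev:
            dbg = AD_DEBUG.match(ev.group(1))
            if dbg:
                cur["ad_error"] = dbg.group(1)
            elif "sending Failure-Reply (Reject)" in ev.group(1):
                # Flag rejects that follow a Check_AD_Group error apart from plain rejects.
                cur["outcome"] = "reject-after-ad-error" if cur["ad_error"] else "reject"
            continue
        a = ATTR.match(line)
        if a and a.group(1) in FIELDS:
            cur[FIELDS[a.group(1)]] = a.group(2)
    return results

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

Requests reported as reject-after-ad-error point at the group lookup itself and should be checked on the TekRADIUS and Active Directory side before changing the user's group membership.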
