https://community.cisco.com/t5/network-security/centralized-ias-radius-authentication-under-ids-ips-4260/m-p/1440018#M67199 <HTML><HEAD></HEAD><BODY><P>Hello</P><P></P><P>What version are you running on the IPS?</P><P></P><P>Login to the CLI and keep running the show events command, then login with HTTPS (IDM) and post the exact error in the event log</P><P></P><P>Regards</P><P>Farrukh</P></BODY></HTML> Thu, 17 Nov 2011 03:25:38 GMT Farrukh Haroon 2011-11-17T03:25:38Z https://community.cisco.com/t5/network-security/centralized-ias-radius-authentication-under-ids-ips-4260/m-p/1440011#M67176 <P>All,</P><P></P><P>I have been tasked with the configuring centralized authentication via IAS for all the IPS/IDS devices in the enterprise.&nbsp; After much invest I'm almost sure that due to limitations inherent to the device my goal is not obtainable.&nbsp; However, I am still not 100% sure.&nbsp; My questions are:</P><P></P><P>1. Can anyone provide a link or any documentation showing definitively whether or not the IPS 4260 supports IAS/Radius authentication?</P><P>&nbsp;&nbsp;&nbsp;&nbsp; a. If not, what would be a suitable alternative? CSM, etc.?</P> Sun, 10 Mar 2019 12:01:55 GMT https://community.cisco.com/t5/network-security/centralized-ias-radius-authentication-under-ids-ips-4260/m-p/1440011#M67176 Racquel_Mays 2019-03-10T12:01:55Z https://community.cisco.com/t5/network-security/centralized-ias-radius-authentication-under-ids-ips-4260/m-p/1440012#M67179 <HTML><HEAD></HEAD><BODY><P>Cisco's IPS sensors do not currently support externally authenticated access.&nbsp; They will only support</P><P>local username/password authentication and role assignment.</P><P></P><P>Scott</P></BODY></HTML> Thu, 17 Jun 2010 16:28:17 GMT https://community.cisco.com/t5/network-security/centralized-ias-radius-authentication-under-ids-ips-4260/m-p/1440012#M67179 Scott Fringer 2010-06-17T16:28:17Z https://community.cisco.com/t5/network-security/centralized-ias-radius-authentication-under-ids-ips-4260/m-p/1440013#M67183 <HTML><HEAD></HEAD><BODY><P>This is available with the latest release.</P></BODY></HTML> Fri, 30 Jul 2010 20:47:33 GMT https://community.cisco.com/t5/network-security/centralized-ias-radius-authentication-under-ids-ips-4260/m-p/1440013#M67183 trippi 2010-07-30T20:47:33Z https://community.cisco.com/t5/network-security/centralized-ias-radius-authentication-under-ids-ips-4260/m-p/1440014#M67187 <HTML><HEAD></HEAD><BODY><P>To be specific, software release 7.0(4)E4 adds support for AAA via RADIUS (but not TACACS+).&nbsp; For more information, check out the Cisco document here:</P><P><A href="http://www.cisco.com/en/US/docs/security/ips/7.0/configuration/guide/cli/cli_setup.html#wp1033251">http://www.cisco.com/en/US/docs/security/ips/7.0/configuration/guide/cli/cli_setup.html#wp1033251</A></P><P></P><P>It's important to note that AAA/RADIUS is NOT supported with the latest release of IME (7.0(3)).</P></BODY></HTML> Tue, 10 Aug 2010 08:21:09 GMT https://community.cisco.com/t5/network-security/centralized-ias-radius-authentication-under-ids-ips-4260/m-p/1440014#M67187 mikecrowe4ICS_2 2010-08-10T08:21:09Z https://community.cisco.com/t5/network-security/centralized-ias-radius-authentication-under-ids-ips-4260/m-p/1440015#M67193 <HTML><HEAD></HEAD><BODY><P>Thanks!&nbsp; I'll try this.</P></BODY></HTML> Tue, 17 Aug 2010 21:36:33 GMT https://community.cisco.com/t5/network-security/centralized-ias-radius-authentication-under-ids-ips-4260/m-p/1440015#M67193 Racquel_Mays 2010-08-17T21:36:33Z https://community.cisco.com/t5/network-security/centralized-ias-radius-authentication-under-ids-ips-4260/m-p/1440016#M67196 <HTML><HEAD></HEAD><BODY><P>Please note that the latest IME version (7.1.1) supports the Radius (AAA) Feature on CIsco IPS Sensors:</P><P></P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/docs/security/ips/7.1/release/notes/24340_01.html#wp1296082">http://www.cisco.com/en/US/docs/security/ips/7.1/release/notes/24340_01.html#wp1296082</A></P><P></P><P>Please rate if helpful.</P><P></P><P>Regards</P><P></P><P>Farrukh</P></BODY></HTML> Sat, 26 Feb 2011 08:54:26 GMT https://community.cisco.com/t5/network-security/centralized-ias-radius-authentication-under-ids-ips-4260/m-p/1440016#M67196 Farrukh Haroon 2011-02-26T08:54:26Z https://community.cisco.com/t5/network-security/centralized-ias-radius-authentication-under-ids-ips-4260/m-p/1440017#M67197 <HTML><HEAD></HEAD><BODY><P>Hi All,</P><P></P><P>I have several IPS ASA-SSM-10 and IPS 4260, I spent several hours trying to get them to authenticate through MS IAS 2003 R2, I was able to get them authenticated thru SSH but not in ASDM. I really appreciate if anyone have any information how to get these working in ASDM.</P><P></P><P>Thanks</P><P></P><P>Si</P></BODY></HTML> Wed, 16 Nov 2011 23:56:43 GMT https://community.cisco.com/t5/network-security/centralized-ias-radius-authentication-under-ids-ips-4260/m-p/1440017#M67197 bestsoftware 2011-11-16T23:56:43Z https://community.cisco.com/t5/network-security/centralized-ias-radius-authentication-under-ids-ips-4260/m-p/1440018#M67199 <HTML><HEAD></HEAD><BODY><P>Hello</P><P></P><P>What version are you running on the IPS?</P><P></P><P>Login to the CLI and keep running the show events command, then login with HTTPS (IDM) and post the exact error in the event log</P><P></P><P>Regards</P><P>Farrukh</P></BODY></HTML> Thu, 17 Nov 2011 03:25:38 GMT https://community.cisco.com/t5/network-security/centralized-ias-radius-authentication-under-ids-ips-4260/m-p/1440018#M67199 Farrukh Haroon 2011-11-17T03:25:38Z https://community.cisco.com/t5/network-security/centralized-ias-radius-authentication-under-ids-ips-4260/m-p/1440019#M67201 <HTML><HEAD></HEAD><BODY><P> Hi Farrukh,</P><P></P><P>All IPS/IDS are running version 7.0.4. I did what you recommended and below are the logs I captured:</P><P></P><P>evStatus: eventId=1306479664548993105 vendor=Cisco </P><P><BR />&nbsp; originator: </P><P><BR />&nbsp;&nbsp;&nbsp; hostId: NACAIRVIDLAB1</P><P><BR />&nbsp;&nbsp;&nbsp; appName: cidwebserver</P><P><BR />&nbsp;&nbsp;&nbsp; appInstanceId: 349</P><P><BR />&nbsp; time: 2011/11/17 16:57:45 2011/11/17 16:57:45 UTC</P><P><BR />&nbsp; loginAction: action=loginFailed </P><P><BR />&nbsp;&nbsp;&nbsp; description: User failed to authenticate with the HTTP server</P><P><BR />&nbsp;&nbsp;&nbsp; userName: best\xsxtran</P><P><BR />&nbsp;&nbsp;&nbsp; userAddress: port=64368 10.90.204.17</P><P></P><P></P><P></P><P><BR />evStatus: eventId=1306479664548993106 vendor=Cisco </P><P><BR />&nbsp; originator: </P><P><BR />&nbsp;&nbsp;&nbsp; hostId: NACAIRVIDLAB1</P><P><BR />&nbsp;&nbsp;&nbsp; appName: cidwebserver</P><P><BR />&nbsp;&nbsp;&nbsp; appInstanceId: 349</P><P><BR />&nbsp; time: 2011/11/17 16:57:58 2011/11/17 16:57:58 UTC</P><P><BR />&nbsp; loginAction: action=loginFailed </P><P><BR />&nbsp;&nbsp;&nbsp; description: User failed to authenticate with the HTTP server</P><P><BR />&nbsp;&nbsp;&nbsp; userName: best\xsxtran</P><P><BR />&nbsp;&nbsp;&nbsp; userAddress: port=64369 10.90.204.17</P><P></P><P>Thanks for all your help</P><P></P><P>Si</P></BODY></HTML> Thu, 17 Nov 2011 17:08:28 GMT https://community.cisco.com/t5/network-security/centralized-ias-radius-authentication-under-ids-ips-4260/m-p/1440019#M67201 bestsoftware 2011-11-17T17:08:28Z https://community.cisco.com/t5/network-security/centralized-ias-radius-authentication-under-ids-ips-4260/m-p/1440020#M67204 <HTML><HEAD></HEAD><BODY><P>Hello,</P><P></P><P>I think I saw the same issue before, in your AAA config on the sensor(s) please change the default user role to administrator.</P><P></P><P>On the CLI:</P><P></P><P>service aaa</P><P>default-user-role administrator</P><P></P><P>This can also be done through the GUI (IDM).</P><P></P><P>Regards</P><P>Farrukh</P></BODY></HTML> Sat, 19 Nov 2011 07:24:09 GMT https://community.cisco.com/t5/network-security/centralized-ias-radius-authentication-under-ids-ips-4260/m-p/1440020#M67204 Farrukh Haroon 2011-11-19T07:24:09Z https://community.cisco.com/t5/network-security/centralized-ias-radius-authentication-under-ids-ips-4260/m-p/1440021#M67207 <HTML><HEAD></HEAD><BODY><P> Hi Farrukh,</P><P></P><P>Thanks for helping. I figured out the problem. It was the IOS bug. It worked as soon as I upgraded to version 7.0.6. All my IPS/IDS authenticated through Microsoft Radius now.</P><P></P><P>Si</P></BODY></HTML> Mon, 21 Nov 2011 16:28:44 GMT https://community.cisco.com/t5/network-security/centralized-ias-radius-authentication-under-ids-ips-4260/m-p/1440021#M67207 bestsoftware 2011-11-21T16:28:44Z https://community.cisco.com/t5/network-security/centralized-ias-radius-authentication-under-ids-ips-4260/m-p/1440022#M67210 <HTML><HEAD></HEAD><BODY><P>I'm glad you have it working now and thanks for sharing with everybody</P><P></P><P>Regards</P><P></P><P>Farrukh</P></BODY></HTML> Mon, 21 Nov 2011 17:51:33 GMT https://community.cisco.com/t5/network-security/centralized-ias-radius-authentication-under-ids-ips-4260/m-p/1440022#M67210 Farrukh Haroon 2011-11-21T17:51:33Z