Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1495
Views
0
Helpful
4
Replies

Authentication devices with Windows Radius Server

Francisco Sanchez
Level 1
Level 1

‎04-27-2016 02:34 PM - edited ‎03-10-2019 11:43 PM

Hi

I need help with configuration for authenticate with Windows Radius Server for use AAA configuration on the network device.

The Radius Server is Windows Server 2012.

The Switch are, 2960x, 3850, 3650

Routers are 2900, 3900, 4400

WLC 5760

Thanks for help

Regards

Labels:
0 Helpful
4 Replies 4

Kanwaljeet Singh
Cisco Employee
Cisco Employee

‎04-28-2016 09:02 AM

Hi Francisco,

For configuring windows radius server please see if they below link helps:

http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/117641-config-asa-00.html

Please see section: Windows 2008 Server with NPS Configuration (hope it helps with win 2012)

For switches and routers to act as radius client , configuration is real simple and can be referenced from any user guide.  I am pasting the link for your reference as well:

http://www.cisco.com/c/en/us/td/docs/ios/12_2/security/configuration/guide/fsecur_c/scfrad.html

Let me know if you have any questions.

Regards,

Kanwal

Note: Please mark answers if they are helpful.

0 Helpful

Francisco Sanchez
Level 1
Level 1
In response to Kanwaljeet Singh

‎05-02-2016 01:49 PM

Hi

I try but not work

Configuration on switch

aaa new-model
!
!
aaa group server radius SWITCH
 server 10.10.2.3 auth-port 1645 acct-port 1646
!
aaa authentication login default group radius local enable
aaa authentication enable default group radius
aaa authorization console
aaa authorization exec default group radius local
aaa authorization network default group radius local
aaa accounting network default start-stop group radius
!         
aaa session-id common
!
radius-server host 10.10.2.3 auth-port 1645 acct-port 1646 key cisco123

0 Helpful

Kanwaljeet Singh
Cisco Employee
Cisco Employee
In response to Francisco Sanchez

‎05-02-2016 04:01 PM

Hi Francisco,

Can you please replace 'default group radius' with "default group SWITCH" and try again?

Regards,

Kanwal

Note: Please mark answers if they are helpful.

0 Helpful

Francisco Sanchez
Level 1
Level 1
In response to Kanwaljeet Singh

‎05-05-2016 11:33 AM

Hi Fnu

I use only this commands

aaa new-model
!
!
aaa group server radius SWITCH
 server 10.10.2.3 auth-port 1645 acct-port 1646
!
aaa authentication login default group SWITCH local enable
aaa authentication enable default group SWITCH

But when putting  enable password does not work, I configure enable password and I use my password and does not work.

Regards

0 Helpful
Customers Also Viewed These Support Documents