Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2681
Views
0
Helpful
5
Replies

Cisco router 3620 for Lan authentication and accounting!

medri
Level 1
Level 1

‎04-22-2001 07:11 AM - edited ‎02-21-2020 09:56 AM

There is cisco router 3620 in our Lan which connect the internal users to internet through its four ethernet interfaces plus 16 async modems.

I would like to use router with win2000 to authenticate and do some accounting for Lan users but do not know how? I know there is a plenty of programs for dial-in accounting and authentication and authorization but I do not know any for Lan.

Thanks

Edri

Labels:
0 Helpful
5 Replies 5

henry_banh
Level 1
Level 1

‎04-23-2001 07:19 AM

I use win2000 IAS ( bundle with win2000)as radius server and verify users account with NT domain for dial up network.

0 Helpful

sergio.lewis
Level 1
Level 1

‎04-23-2001 05:23 PM

You can use ACS 2.6 with AAA in your Router and you can use this Inside the PIX.

this is for your router

aaa authentication fail-message ^CC Access Denied...Please check your Login nam

e and Password.^C

aaa authentication login default group tacacs+ enable

aaa authentication ppp default group tacacs+

aaa accounting exec default wait-start group tacacs+

aaa accounting network default wait-start group tacacs+

aaa accounting connection default start-stop group tacacs+

aaa accounting system default start-stop group tacacs+

this for your asyn interface

interface Async43

description Access to Corp - M21-A11 - Tel: 555-5555

ip unnumbered Ethernet0/0

no ip directed-broadcast

encapsulation ppp

ip tcp header-compression passive

async dynamic routing

async mode interactive

peer default ip address pool cisco

no cdp enable

ppp authentication pap

you have to install the ACS2.6 on NT2000 server

tacacs-server host 172.xxx.xxx.18

tacacs-server key 123

and this for your PIX

tacacs-server (inside) host 172.xxx.xxx.18 123 timeout 5

aaa authentication any outbound 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 tacacs+

aaa authentication telnet console tacacs+

aaa authentication any dmz1 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 tacacs+

aaa accounting any outbound 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 tacacs+

aaa accounting any dmz1 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 tacacs+

Hope this help!

0 Helpful

medri
Level 1
Level 1
In response to sergio.lewis

‎04-29-2001 05:36 AM

Thank you very much for the guidance.

But the problem is we do not have any pix device.

regards,

0 Helpful

sergio.lewis
Level 1
Level 1
In response to medri

‎04-29-2001 02:21 PM

don´t worry omit the PIX´s configuration and use the rest, its work very well!

0 Helpful

rmeagher
Level 1
Level 1

‎05-01-2001 11:54 AM

Is this worth doing?

0 Helpful
Customers Also Viewed These Support Documents