
Cisco Secure ACS for NT 2.4

shabib.syed
Level 1

Well, I have a 3620 which is used for remote clients to dial in and connect to our internal network. I was using the internal (local router account) database, i.e. creating an account for each user on the router. Now I wanted to use my existing NT account database for users to authenticate via dial-up. I bought Cisco Secure ACS for NT 2.4 to solve this problem. Now I need help with how to implement this. Right now I want both my local router database and NT account database to work in parallel. I need some sample configurations, or help.

Will this command on my router work?

aaa authentication ppp default if-need local

I need help, and it's urgent.


bob.short
Level 1

Our online TAC has a number of documents that will assist you in your deployment of Cisco Secure ACS NT. Please look through:

http://www.cisco.com/cgi-bin/Support/PSP/psp_view.pl?p=Software:Cisco_Secure_ACS_NT

Should you have specific issues pertaining to your installation, please open a TAC case by clicking "Open A TAC Case" from:

http://www.cisco.com/cgi-bin/ibld/view.pl?i=support

arslan_s
Level 1

Hi shabib,

I suppose you want to authenticate users via the local as well as the remote account database. After you configure Cisco Secure properly, it is possible to configure Cisco IOS to utilize both of the databases, but one after another.

Here are the IOS commands in global config mode needed to accomplish this:

aaa new-model

aaa authentication login default local radius

aaa authentication ppp default radius local

aaa authorization exec default local radius

aaa authorization network default radius

aaa accounting exec default start-stop radius

aaa accounting network default start-stop radius

and to specify your remote security server use

radius-server host ip-addr auth-port xxx acct-port xxx non-standard

radius-server key xxxxx

Please refer to Cisco IOS security configuration guide at www.cisco.com for complete reference.

I think Cisco Secure is available with both TACACS+ and RADIUS protocols. Configure your router for the appropriate protocol and don't forget to specify the correct IP address, ports and shared key for your Cisco Secure server.

If you need more help, please don't hesitate to ask.

Best regards.
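
Added example, not part of the original thread or of Cisco's documentation: IOS tries the methods in a list in order and moves to the next one only when the previous method does not respond, so a list that names only a remote server leaves nothing to try if that server is unreachable. The Python sketch below parses the method lists posted above (older syntax without `group`) and flags such lists; `SAMPLE_CONFIG`, `parse_method_lists` and `audit` are hypothetical names.

```python
import re

# Constructed sample: the method-list lines from the reply above.
SAMPLE_CONFIG = """\
aaa new-model
aaa authentication login default local radius
aaa authentication ppp default radius local
aaa authorization exec default local radius
aaa authorization network default radius
aaa accounting exec default start-stop radius
aaa accounting network default start-stop radius
"""

REMOTE = {"radius", "tacacs+"}
# Accounting record types: they modify the list but are not methods.
RECORD_TYPES = {"start-stop", "stop-only", "wait-start"}
LINE_RE = re.compile(
    r"^aaa\s+(authentication|authorization|accounting)\s+(\S+)\s+(\S+)\s+(.+)$")


def parse_method_lists(config):
    """Return [(function, service, list_name, [methods in order])]."""
    lists = []
    for line in config.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            func, service, name, rest = m.groups()
            methods = [t for t in rest.split() if t not in RECORD_TYPES]
            lists.append((func, service, name, methods))
    return lists


def audit(config):
    """Flag authentication/authorization lists with remote methods only."""
    findings = []
    for func, service, name, methods in parse_method_lists(config):
        if func == "accounting" or not methods:
            continue  # accounting does not decide whether access is granted
        if all(m in REMOTE for m in methods):
            findings.append(f"{func} {service} {name}: only {', '.join(methods)}; "
                            "no method left if the server does not respond")
    return findings


if __name__ == "__main__":
    for func, service, name, methods in parse_method_lists(SAMPLE_CONFIG):
        print(f"{func:<15}{service:<9}{name:<9}{' -> '.join(methods)}")
    for finding in audit(SAMPLE_CONFIG):
        print("FLAG:", finding)
```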

Hey, thanks arsalan. I successfully installed and configured the Cisco Secure ACS using TACACS+, and was also able to use both databases; now I have finally got rid of the local database. And this has been running well for 2 months now. Anyway, thanks for the reply. I am now planning to use this TACACS+ server to authenticate my VPN clients terminating on the PIX. If you have any experience with that, you can probably help me there.
