01-31-2016 07:43 PM - edited 03-10-2019 11:26 PM
Dear All,
I need a configuration help from anybody. I have a small network of 15 users connected to a 3560, which is in-turn connected to a 2811 ISR router. At interface fastethernet 0/24 of the 3560 switch I am planning to connect a unix based RADIUS server. ISP is connected on the opposite side of the 2811 at interface fa0/0.
What I want to do is if anyone among the 15 users tries to access internet, they should be validated in the RADIUS server by their pre-configured user credentials. (I'll store 15 user credentials there). If anybody else tries to connect (except these 15) he/she should be denied internet access.
The RADIUS server will be having a login page to type username/password.
Please guide in terms of what commands I should inject in the 3560 or what specifically I need to have to do this task.
Thanks in advance!!
Samrat.
Solved! Go to Solution.
02-02-2016 04:04 AM
I haven't done this in a very long time, but what you probably want to do is enable web authentication.
02-01-2016 12:06 PM
Honestly: I see not a big of a issue Cisco's config. You enable 802.1x and port authorization will be granted or not by the radius server you will config on the switch.
But on the Radius, I think FreeRadius should be more than enough to accomplish this, still can't speak about your exposure to this solution.
02-02-2016 04:04 AM
I haven't done this in a very long time, but what you probably want to do is enable web authentication.
02-02-2016 04:05 AM
I would also do the Web Authentication on the 2811, not the Cisco 3560.
02-02-2016 07:05 PM
Thank you Philip :-)
This is exactly what I was looking for. Tons and tons of thanks to you!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: