01-31-2016 07:43 PM - edited 03-10-2019 11:26 PM
Dear All,
I need a configuration help from anybody. I have a small network of 15 users connected to a 3560, which is in-turn connected to a 2811 ISR router. At interface fastethernet 0/24 of the 3560 switch I am planning to connect a unix based RADIUS server. ISP is connected on the opposite side of the 2811 at interface fa0/0.
What I want to do is if anyone among the 15 users tries to access internet, they should be validated in the RADIUS server by their pre-configured user credentials. (I'll store 15 user credentials there). If anybody else tries to connect (except these 15) he/she should be denied internet access.
The RADIUS server will be having a login page to type username/password.
Please guide in terms of what commands I should inject in the 3560 or what specifically I need to have to do this task.
Thanks in advance!!
Samrat.
Solved! Go to Solution.
02-02-2016 04:04 AM
I haven't done this in a very long time, but what you probably want to do is enable web authentication.
02-01-2016 12:06 PM
Honestly: I see not a big of a issue Cisco's config. You enable 802.1x and port authorization will be granted or not by the radius server you will config on the switch.
But on the Radius, I think FreeRadius should be more than enough to accomplish this, still can't speak about your exposure to this solution.
02-02-2016 04:04 AM
I haven't done this in a very long time, but what you probably want to do is enable web authentication.
02-02-2016 04:05 AM
I would also do the Web Authentication on the 2811, not the Cisco 3560.
02-02-2016 07:05 PM
Thank you Philip :-)
This is exactly what I was looking for. Tons and tons of thanks to you!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide