Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1912
Views
0
Helpful
3
Replies

PPP Authentication Local and External

bobo23
Level 1
Level 1

‎04-03-2003 02:41 AM - edited ‎03-10-2019 07:14 AM

Hi

If possible, I have a router configured to authenticate all incomming dialin users to authenticate against an RSA Server running SecureID, this is working fine. What I want to do is have one user authenticate against the local database, so can I have some users authenticate with an external database and others with the local database. Or is either one or the other.

Thanks in advanced..

Labels:
0 Helpful
3 Replies 3

r.vanwolferen
Level 1
Level 1

‎04-03-2003 05:04 AM

Yes you can do that, 2 options:

1/ Make a new group and place the user in the this group. The user can authenticate against the local database. The other users are authenticate against the RSA database.

2/ If all users are in the same group than the user properties can be changed for that user. Select for that user to authenticate against the local database.

If the user makes a connection the router send it to the ACS server and the server check the properties of the user. For this user it has to ask it's local database.

I always use this for testing. I create a user for testing (authenticate against the RSA database) and one user for local database. Now I can see if my router is configurred correctly and were the problem exsists if I can't loggin.

0 Helpful

bobo23
Level 1
Level 1
In response to r.vanwolferen

‎04-07-2003 01:23 PM

Thanks for that reply, but its not exactly what Im looking for. What I think that you are suggestion is that I create another group within the ACS Server and authenticate them on the local database.

What I want to do is authenticate them against the local router database (Have the router authenticate them against locally configured usernames and passwords) only one user and have the rest sent of for Radius Authentication.

So if I dial in as user A I get authenticated locally, and if I dial in as user B I get authenticated against Radius.

Regards

Derek

0 Helpful

gfullage
Cisco Employee
Cisco Employee
In response to bobo23

‎04-07-2003 09:11 PM

No you can't do this. You can have the local database as a backup for the Radius database in case Radius is not available, but there's no way to say that user x is local whereas users y and z are on the Radius server.

0 Helpful
Customers Also Viewed These Support Documents