RADIUS authentication for VPN users?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-09-2007 11:06 AM - edited 02-21-2020 10:18 AM
We have a VPN concentrator, how can I stop users using local accounts and use their Windows Active Directory user accounts?
- Labels:
-
Other NAC
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-09-2007 11:46 AM
Andy
Would I be correct in assuming that your VPN concentrator is one of the Cisco 3000 series concentrators?
Maybe I am missing something, but it seems to me to be fairly straightforward: the concentrator specifies how to authenticate and apparently now it is configured to use its local database of user accounts. It should be a fairly simple change to specify that it should authenticate these users with Radius. At that point it should stop using local accounts.
HTH
Rick
Rick
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-09-2007 01:19 PM
I it is a Cisco 3015 series concentrator, where do I configure this?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-09-2007 01:57 PM
Andy
I assume that your 3015 operates the same as the 3060s that I work with. From the Configuration line, to the User Management line, to the Groups line. Select the group that the user belongs to, on the right side of the screen is an option to modify Authentication Servers. Select this option and configure the external server that will authenticate.
HTH
Rick
Rick
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-10-2007 03:34 AM
I would like to use windows 2003 IAS (Radius) I want to allow only users in the AD Radius group called "VPN" to be able to access our network.
Can this be done and the users will then log in using their AD usernames and passwords?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-10-2007 08:39 AM
Andy
I believe that this can be done. Make sure that your users are in the group, specify that the group should use 2003 IAS (Radius) as its authentication server. It should work.
HTH
Rick
Rick
