07-14-2009 12:52 PM
We would like to integrate LMS with a RADIUS server. I found a lot of doc how to do that with the ACS server TACACS+. Does there also exist a doc how to do that with a RADIUS server ? What is the difference (TACACS vs RADIUS) in setting up this integration?
Thx for any advice or info
Jan
07-14-2009 03:15 PM
The only integration you can do is authentication. You will not be able to define custom roles or restrict what users can access what devices. To enable Radius authentication in LMS, go to Common Services > Server > Security > AAA Mode Setup, and select RADIUS as the login module. Enter your Radius server settings, and click OK.
After that, LMS will use the Radius server to authenticate users. You will still need to create local user accounts in LMS to provide authorization services, but the passwords do not have to be specified.
07-14-2009 03:30 PM
Have you looked at the Cisco document comparing TACACS+ and RADIUS? Here is a link:
http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a0080094e99.shtml
Apart from that, in general, you will have less functionality if you choose a product of than CiscoSecure ACS's TACACS+ implementation as your AAA integration option. For example, you will not have the functionality of Network Device Groups and pre-defined roles if you use RADIUS as your AAA module. These are granular authorization functions and RADIUS integration is limited to authentication (for the most part).
How to set up RADIUS as your module is covered in the Common Services User Guide, Chapter 4 (and was covered in Joe's response above).
Hope this helps.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide