Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
733
Views
6
Helpful
4
Replies

Need to implement AAA using IAS RADIUS server

vipinrajrc
Level 3
Level 3

‎06-14-2011 06:04 AM - edited ‎03-11-2019 01:44 PM

Hi Experts,

I would like to implement AAA in ASA and it should be authenticate using IAS RAIUS server. Could any one suggest a best way?

Regards

Vipin

Thanks and Regards, Vipin
Labels:
0 Helpful
4 Replies 4

mile.ljepojevic
Level 1
Level 1

‎06-14-2011 07:26 AM

Pretty simple and straight forward procedure.

On ASA define RADIUS servers (your IAS server), add key and configure aaa authentication to use that server-group.

On IAS, as I am not quite Windows guy, it is try and fail procedure. You can check IAS events, see how request looks like, create conditionst that will apply on that request, and you should be good to go.

andamani
Cisco Employee
Cisco Employee

‎06-14-2011 07:28 AM

Hi,

You just need to define a AAA server on the ASA.

On the IAS you have to define the ASA as a AAA client. Also make sure that the Access policy is defined on the IAS for the ASA.

Hope this helps.

Regards,

Anisha

P.S.: please mark this thread as answered if you feel your query is resolved. Do rate helpful posts.

vipinrajrc
Level 3
Level 3
In response to andamani

‎06-14-2011 09:34 AM

Hi

Thanks for the reply.. I understand that but where should i configure privilege levels. Using IAS we can integrate with Active directory right? Also i want to give permission to all others except nework guys zero privilege. since ASA is going to integrate with AD using IAS AD username and password where should i put that privilege levels?

Regards,

Vipin

Thanks and Regards, Vipin
0 Helpful

praprama
Cisco Employee
Cisco Employee
In response to vipinrajrc

‎06-29-2011 12:58 PM

Hi vipin,

To specify privelege levels to users, you need to define the attribute priv:lvl on the IAS server and also perform authorization on the ASA. The below link will help you with IAS configuration:

http://hermanb.home.xs4all.nl/cisco-ias.htm

The command on the ASA would be "aaa author exec ...... ". Hope this helps!

Regards,

Prapanch

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card