cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
362
Views
0
Helpful
1
Replies

Can you use dial-up with MS certificates and 5300?

jroyster
Level 1
Level 1

So far here are the parts involved.

1) multiple AS5300s using TACACS+ for AAA

2) Cisco ACS server (tacacs+)

3) RSA secureID token server

4) XP clients dial-in.

So the client dials the 5300, 5300 asks for username/token password and presents to ACS server. ACS server then queries RSA token server for authentication.

Works just fine.

But I'd like to replace the hard tokens with Microsoft Certificates. I can't seem to find any information about using certificates for dial-in. It looks like newer versions of IOS support EAP but can I use these features for PPP in a dial-in case?

Can somebody explain the process and pieces needed or simply say "yes, you can do it". I've read that I may have to use some radius extensions in order to use EAP?

Thanks in advanced,

John

1 Reply 1