Large Scale Dialout, NAT and Radius

sra
Level 1

Hello everybody,

We need to implement a Large Scale Dialout scenario soon and I am looking for some info. The central site needs to connect to about 200 external sites (for remote management). The goal is to have all the connection data coming from a Radius server (actually from an LDAP server). We will also use NAT to hide the remote sites' IP ranges as well as the central site IP range (so that would be both source and destination NAT).

My question is this: can a Cisco router retrieve all this information from a Radius server? I.e. connection info, authentication info and NAT rules? We are obviously trying to avoid creating profiles on the router and NAT rules (each site would have its own NAT rule) for each remote site. The idea is not to have to touch the router when we need to add / delete / modify a remote site.

Any help is appreciated. Thanks

Best regards,

Stefan Radovanovici

1 Reply

mljohnson
Level 4

The large-scale dial-out documentation is here:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fdial_c/fnsprt11/dafsdil.htm

On the one hand I don't see a problem with trying this, although I've never done it myself. As long as the public address is in the RADIUS server, you should be fine. Wanting to NAT the central site may make it more interesting, but again the routing and NATing should be done prior to the router deciding it needs to dialout via AAA.

Let us know how it goes.