Re: Configuring RAS and TACACS+. through ACS.

johnleeee · ‎09-02-2005

Hi all,

I have very basic question about

configuring RAS with digital modems

and AAA through TACACS+. I use

command peer default ip address pool OLA under interface Group-Async0 and interface Dialer10

for example. And inside router I configure this pool with some range of

IP addresses...for example

ip local pool OLA 192.168.10.2 192.168.10.127.

And I set AAA through TACACS+.

What should I do next on ACS ? Should I configure this pool of IP addresses on ACS or it is sufficient to do it only on router? Or do this on router is not important ?

Thanks

jl

Richard Burts · ‎09-02-2005

John

I have configured RAS for dial-in services where we authenticated the dial-in users via TACACS and ACS. I did not have to do anything on ACS about the dial pool. The only thing that I had to do on ACS was to configure it to authenticate users whose authentication request came from that router. (In other words nothing special on ACS just because they were dial-in.) Just be sure that your aaa on the router provides for authenticating ppp.

HTH

Rick

HTH

Rick

johnleeee · ‎09-03-2005

Ricky,

so does it mean that when I want to give

users dial-in to our RAS IP addresses and

do AAA authentication through TACACS+ on ACS

only thing related to IP addresses is to configure

ip pool only on router. M I right?

And on ACS associate these users with name of pool

configured on router.

BR

jl

Richard Burts · ‎09-03-2005

John

I believe that you are correct that you configure the address pool on the router. I do not believe that you need to do anything special on ACS for this to work.

HTH

Rick

HTH

Rick