توجه :
"نقل تمام یا بخشی از مطالب سایت تنها با لینک به مطلب و معرفی نویسنده آن مجاز است"
"لطفا سوالات خود را در تالار سایت ( PAdmins.ir ) مطرح کنید"
" برای انتقال به سایت جدید اینجا کلیک کنید "
| Cisco AAA login authentication with Radius (MS IAS |
| نگارش یافته توسط رضا بهروزی | |
|
This document will give you the bare minimum to provide RADIUS authentication to your Cisco Devices using Microsoft Internet Authentication Service (IAS) RADIUS server.
Using RADIUS on your Microsoft server to authenticate Cisco devices allows you to use the same usernames and passwords on your Windows servers and Cisco devices.
Click to play tutorial
Steps
1) Install IAS 2) Configure IAS 3) Configure Cisco Device 4) Test ========================================= 1) Install IAS ========================================= Click “Start > Control Panel > Add & Remove Programs” Click “Add/Remove Windows Components” Double-Click “Networking Services” Select “Internet Authentication Service” Click “Ok” ========================================= 2) Configure IAS ========================================= Click “Start>Programs>Administrative Tools>Internet Authentication Service” *** Create Remote access Policy *** (left Pane) Select “Remote Access Policies” (right pane) Delete all policies (right pane) Right-Click and Select “New Remote Access Policy” Click “Next” Select “Set up a custom policy” and give it a name Click “Next” Click “Add” Select “Windows Groups” Click “Add” Type “Domain Admins” (or any other group you would like to use) Click “Ok” Click “Next” Select “Grant remote access permission” Click “Next” Click “Edit Profile” Select the “Authentication” tab Select “Unencrypted Authentication” only Select the “Advanced” tab Change the service-type from “framed” to “login” Delete “Framed-Protocol” Click “Add” Select “Vendor Specific” Click “Add” Select “Cisco” from the drop-down box Select “Yes. It conforms” Click “Configure Attribute” Change Attribute Number to “1″ Set the Attribute Format to “String” Type “shell  riv-lvl=15″ in the Attribute Value fieldClick “Ok” Click “Ok” Click “Close” If you get an error, select yes or no …. it doesn’t matter. Click “Next” Click “Finish” *** Add Radius Clients *** (Left Pane) Click “RADIUS Clients” (Right Pane) Right-Click and click “New Radius Client” Give the client a friendly name and enter the ip address Click “Next” Enter a shared secret password Click “Finish” ========================================= 3) Configure Cisco Device ========================================= IOS Configuration ***
aaa new-model
radius-server host 192.168.10.100 key P@ssw0rd ip radius source-interface f0/0 aaa authentication login default group radius local line vty 0 4 login authentication default
*** PIX Configuration ***
username matrix password jhenry
aaa-server RADIUS (inside) host 192.168.10.100 P@ssw0rd aaa-server LOCAL protocol local aaa authentication ssh console RADIUS LOCAL aaa authentication telnet console RADIUS LOCAL |
| < بعد | قبل > |
|---|
آخرين مراجعات
| www.google.com |
| images.google.com |
| admins.ir |
| forum.admins.ir |
| www.google.co.ma |
| ...rezabehroozi.ir |
| ..velopercenter.ir |
| ..ersianadmins.com |
آخرین ارسالهای انجمن
PersianAdmins
