[nsp] Authentication through Diff RADIUS on Single NAS
Bruce Pinsky
bep at whack.org
Wed Feb 4 12:32:32 EST 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Prit Patel wrote:
| Hello All,
|
| I have cisco 3600 with 1 ISDN PRI and 8 analog port
| for accepting connection using dial-up.All user are
| getting authenticated via Radius server.
|
| User who dialin via ISDN they should get authenticate
| via redius group1 and user who dialin via
| analog(async) port they should get authenticate via
| radius group2.
|
| For achive this what kind of config require on my 3600
| router?
|
Here is a config snippet of the relevant security config:
aaa new-model
!
!
aaa group server radius foo
~ server 1.1.1.1 auth-port 1645 acct-port 1646
!
aaa group server radius bar
~ server 2.2.2.2 auth-port 1645 acct-port 1646
!
aaa authentication ppp server1 group foo
aaa authentication ppp server2 group bar
!
interface Group-Async1
~ physical-layer async
~ no ip address
~ encapsulation ppp
~ ppp authentication chap server2
!
interface Dialer1
~ no ip address
~ encapsulation ppp
~ ppp authentication chap server1
!
radius-server host 1.1.1.1 auth-port 1645 acct-port 1646
radius-server host 2.2.2.2 auth-port 1645 acct-port 1646
The remainder of the config is left as an exercise for the reader.
http://www.cisco.com/cgi-bin/Support/browse/index.pl?i=Technologies&f=987
- --
=========
bep
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (MingW32)
iD8DBQFAISyvE1XcgMgrtyYRAuK+AKCA5rKQoO1q2qyCWL29B6W+8b/megCg7VSB
sXwPnlRyCDarb0MELHgNyG4=
=53aY
-----END PGP SIGNATURE-----
More information about the cisco-nsp
mailing list