[cisco-voip] OT Radius authentication with a 2800 router
Max Pierson
nmaxpierson at gmail.com
Mon Jan 3 18:17:49 EST 2011
Hi Mike,
You can set up rotary groups and put specific VTY lines in specific rotary
groups. Then configure a VTY or more to use "login local". You then
telnet/SSH to a different TCP port number.
"
http://www.cisco.com/en/US/tech/tk583/tk617/technologies_tech_note09186a00800949e2.shtml#addingsshterminalline
"
HTH,
Max
On Mon, Jan 3, 2011 at 10:03 AM, Mike King <me at mpking.com> wrote:
> Sorry for the slightly off topic question.
>
> We've been using Radius authentication with our 2800 routers for a
> while, but I've been handed an interesting directive.
>
> We have a third party that will need access to our 2800 routers. I've
> been asked to make a local account on the 2800's, as management does
> not want to added them to the directory (Active Directory) We're
> using Microsoft NPS (IAS for Server 2008) as a radius backend.
>
> Unfortunately, it's been my experience, when you enable RADIUS, you
> cannot login with local accounts unless the RADIUS server does not
> respond.
>
> Am I missing an easy way to do this?
>
> Mike
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20110103/0b375146/attachment.html>
More information about the cisco-voip
mailing list