IOS authentication with MS IAS (AAA/radius)

IOS authentication with MS IAS (AAA/radius)
NewsGroups | Search | Tools
User Password
Register Now! Lost Password?

General Cisco Forum - Cisco Systems - Hardware Software and Security News and Discussions 

Bookmark this page:  YahooMyWeb Yahoo!  Google Google  Windows Live Favorites Windows Live  del.icio.us del.icio.us  digg digg  Add to Netscape Netscape
Subject Author Date
IOS authentication with MS IAS (AAA/radius) John Smith 07-28-2005
If you were  Registered and logged in, you could reply and use other advanced thread options
Posted by John Smith on July 28, 2005, 3:25 pm
here is my config so far:
aaa new-model
aaa authentication login default group radius local
aaa authentication enable default group radius
....
radius-server host 192.168.2.12 auth-port 1645 acct-port 1646 key 7 ******

IOS (tm) 3600 Software (C3620-I-M), Version 12.2(29), RELEASE SOFTWARE
(fc3)

i am able to telnet to the router ok, and authenticate via radius using my
windows domain information, but when i attempt to 'enable', i get an
error. on the IAS server, in the logs, it says $enab15$ was denied access...
I understand this, but what i dont understand is why isn't it using my
windows username when i attempt to 'enable'. or is there a way to force it
to?

any hints/help?



User Access Verification

Username: username
Password: *******

Router>en
Password:
% Error in authentication.

Router>




TIA


Posted by www.BradReese.Com on July 28, 2005, 9:12 pm
Hi John,

The username is fixed which is $enable15$ for enable authentication.

Sincerely,

Brad Reese
BradReese.Com Cisco Repair Service Experts
1293 Hendersonville Road, Suite 17
Asheville, North Carolina USA 28803
U.S. Toll Free: 877-549-2680
International: 828-277-7272
Website: http://www.bradreese.com/cisco-big-iron-repair.htm



Similar ThreadsPosted
Failed Authentication, Status "Unsupported Authentication Algorithm" November 26, 2004, 5:20 am
PIX + aaa authentication November 5, 2004, 4:07 pm
PIX and cut-through authentication February 10, 2005, 4:50 pm
cut-through authentication for ssh? February 18, 2005, 6:55 pm
VPN Authentication April 19, 2005, 9:50 am
PIX Authentication June 7, 2005, 2:29 pm
EAP Authentication June 22, 2005, 6:03 pm
802.1x Authentication November 10, 2005, 2:24 am
authentication and ACL with PIX May 12, 2006, 9:23 am
VPN ASA Authentication to MS CA October 31, 2007, 7:06 am

other useful resources:
The Federal Communications Commission (FCC)
Telecommunications Industry Association
Electronic and Software Security Products and Services
International Telecommunication Union

Custom CGI Perl and PHP programming by 1-Script.com

Contact Us | Privacy Policy
The site map in XML format XML site map