Cisco Systems IOS authentication with MS IAS (AAA/radius)
Bookmark this page:  YahooMyWeb Yahoo!  Google Google  Windows Live Favorites Windows Live  del.icio.us del.icio.us  digg digg  Add to Netscape Netscape
Subject Author Date
IOS authentication with MS IAS (AAA/radius) John Smith 07-28-05
Posted by John Smith on July 28, 2005, 4:25 pm
Please log in for more thread options
here is my config so far:
aaa new-model
aaa authentication login default group radius local
aaa authentication enable default group radius
...
radius-server host 192.168.2.12 auth-port 1645 acct-port 1646 key 7 ******

IOS (tm) 3600 Software (C3620-I-M), Version 12.2(29), RELEASE SOFTWARE
(fc3)

i am able to telnet to the router ok, and authenticate via radius using my
windows domain information, but when i attempt to 'enable', i get an
error. on the IAS server, in the logs, it says $enab15$ was denied access...
I understand this, but what i dont understand is why isn't it using my
windows username when i attempt to 'enable'. or is there a way to force it
to?

any hints/help?



User Access Verification

Username: username
Password: *******

Router>en
Password:
% Error in authentication.

Router>




TIA

Posted by www.BradReese.Com on July 28, 2005, 9:12 pm
Please log in for more thread options


Hi John,

The username is fixed which is $enable15$ for enable authentication.

Sincerely,

Brad Reese
BradReese.Com Cisco Repair Service Experts
1293 Hendersonville Road, Suite 17
Asheville, North Carolina USA 28803
U.S. Toll Free: 877-549-2680
International: 828-277-7272
Website:    http://www.bradreese.com/cisco-big-iron-repair.htm



Similar ThreadsPosted
PIX and cut-through authentication February 10, 2005, 7:50 pm
802.1x Authentication November 10, 2005, 5:24 am
authentication and ACL with PIX May 12, 2006, 9:23 am
EAP Authentication June 22, 2005, 9:03 pm
VPN ASA Authentication to MS CA October 31, 2007, 7:06 am
Order of authentication. July 28, 2005, 4:13 pm
Network authentication. July 29, 2005, 9:34 am
PPTP + NT 4.0 Authentication October 23, 2005, 9:09 pm
Re: TACACS+ authentication January 25, 2006, 8:39 am
802.1x authentication with Microsoft IAS January 31, 2006, 8:06 am
radius authentication February 15, 2006, 7:54 am
AAA authentication woes April 27, 2006, 6:22 am
VPN using Kerberos authentication June 22, 2006, 11:35 pm
Unencrypted Authentication July 26, 2006, 9:51 am
OSPF authentication June 29, 2005, 11:15 pm
Latest PostsForumRSS
NEWS: Samsung takes on the Apple iPad with the 7 inch Galaxy... Wireless Networking
c3560 port configuration Cisco Systems
Broadband 2010: A Big Slowdown [telecom] General Telecommunications Forum
Control Hot Water Circ Pump With X10? General Home Automation
Official Course CCNP TSHOOT 642-832 / Foundation Learning Gu... Cisco Certification
Speedflow Communications Honored for Innovation Voice-Over-IP
USB _to_ RJ45 (not from) connection Ethernet LAN
FAQ: Maximizing cable modem or DSL speed Cable Modems
CASH FOR CISCO - I BUY USED AND NEW EQUIPMENT & LOTS MOR... Telecom Technical
FAQ: Maximizing cable modem or DSL speed Digital Subscriber Line
How to set up Meridian 1 to "provide clock" to a C... Nortel Networks
New Discovery about WDM LAN and Telecom Cabling
Control Hot Water Circ Pump With X10? Home Automation
Text file to automate restoring a dropped VPN connection. Virtual Private Networks
Home Theater Installation Home Theater
Re: The Turkic Languages in a Nutshell Fiber Optics
sip Video Conferencing
Residential Cabling Guide Home Cabling Guide

Finally, an instantly downloadable book that saves you thousands in home improvement dollars! Enjoy living in 21st century technology-advanced home while increasing its selling value and competitive advantage on the real estate market. Whether your cabling is for home office or high-tech leisure, you can wire your home yourself or learn "wirish" to speak with your cabling contractors in their language!

Click Here to learn more