Configuring RADIUS Dial Up with Livingston Server Authentication



Similar documents
BRI to PRI Connection Using Data Over Voice

isco Connecting Routers Back to Back Through the AUX P

Locking Users into a VPN 3000 Concentrator Group Using a RADIUS Server

Palomar College Dial-up Remote Access

Configuring TACACS+, RADIUS, and Kerberos on Cisco Catalyst Switches

Configuring the Cisco Secure PIX Firewall with a Single Intern

ASA 8.3 and Later: Mail (SMTP) Server Access on Inside Network Configuration Example

Unity Error Message: Your voic box is almost full

Telnet, Console and AUX Port Passwords on Cisco Routers Configuration Example

Sample Configuration Using the ip nat outside source static

Cisco Which VPN Solution is Right for You?

Sample Configuration Using the ip nat outside source list C

Note: This case study utilizes Packet Tracer. Please see the Chapter 5 Packet Tracer file located in Supplemental Materials.

PIX/ASA 7.x and above : Mail (SMTP) Server Access on Inside Network Configuration Example

Configuration Professional: Site to Site IPsec VPN Between Two IOS Routers Configuration Example

Connecting and Setting Up Your Laptop Computer

co Sample Configurations for Cisco 7200 Broadband Aggreg

Configure Backup Server for Cisco Unified Communications Manager

Configuring Static and Dynamic NAT Simultaneously

PIX/ASA: Allow Remote Desktop Protocol Connection through the Security Appliance Configuration Example

ACS 5.x and later: Integration with Microsoft Active Directory Configuration Example

Table of Contents. Cisco Configuring the PPPoE Client on a Cisco Secure PIX Firewall

SITRANS RD500 Configuring the RD500 with PSTN or GSM modems and Windows-based servers and clients for communication Objective:

CRS 4.x: Automatic Work and Wrap up Time Configuration Example

Virtual Fragmentation Reassembly

IOS NAT Load Balancing for Two ISP Connections

Authenticating a Lucent Portmaster 3 with Microsoft IAS and Active Directory

ASA 8.X: Routing SSL VPN Traffic through Tunneled Default Gateway Configuration Example

Immotec Systems, Inc. SQL Server 2005 Installation Document

Checking SQL Server or MSDE Version and Service Pack Level

Catalyst Layer 3 Switch for Wake On LAN Support Across VLANs Configuration Example

Lab Creating a Logical Network Diagram

Chapter7 Setting the Receiving PC for Direct Upload. Setting the Receiving PC for Direct Upload For Windows For Macintosh...

Cisco - Configure the 1721 Router for VLANs Using a Switch Module (WIC-4ESW)

Use Microsoft Outlook with Cisco Unified CallManager Express

: Interconnecting Cisco Networking Devices Part 1 v2.0 (ICND1)

Cisco Configuring Secure Shell (SSH) on Cisco IOS Router

Configure ISDN Backup and VPN Connection

Table of Contents. Cisco Mapping Outbound VoIP Calls to Specific Digital Voice Ports

PIX/ASA 7.x and above: Mail (SMTP) Server Access on the DMZ Configuration Example

1 Getting Started. Before you can connect to a network

Configuring Access Service Security

Table of Contents. Cisco Configuring IPSec Cisco Secure VPN Client to Central Router Controlling Access

ASUS WL-5XX Series Wireless Router Internet Configuration. User s Guide

Configuring Devices for Use with Cisco Configuration Professional (CCP) 2.5

ADSL Router Quick Installation Guide Revised, edited and illustrated by Neo

Cisco Secure PIX Firewall with Two Routers Configuration Example

Netcomm NB604N. Modem Configuration Guide. Netcomm NB604N. Configuring in Layer2 PPPoE for Windows XP and 2000 IMPORTANT MESSAGE

PIX/ASA 7.x with Syslog Configuration Example

Table of Contents. Cisco Cisco VPN Client FAQ

Andover Continuum Remote Communication Configuration Guide

Configuring a Leased Line

Remote Annex. Quick Start for Windows. Read before installing and using Remote Annex Software Release 4.2

Cisco Configuring Commonly Used IP ACLs

Database Replication Error in Cisco Unified Communication Manager

Lab 2 - Basic Router Configuration

Configuring DNS on Cisco Routers

Microsoft Windows 2003 DNS Server for Wireless LAN Controller (WLC) Discovery Configuration Example

Prestige 314 Read Me First

Configuring Asynchronous SLIP and PPP

CCT vs. CCENT Skill Set Comparison

NovaBACKUP xsp Version 15.0 Upgrade Guide

Cisco CNR and DHCP FAQs for Cable Environment

EasyServer II RADIUS authentication accounting dialin remote access

Network Security 1 Module 4 Trust and Identity Technology

Web Authentication Application Note

Configuring Check Point VPN-1/FireWall-1 and SecuRemote Client with Avaya IP Softphone via NAT - Issue 1.0

Configuring Cisco CallManager IP Phones to Work With IP Phone Agent

Lab Configure Basic AP Security through IOS CLI

ERserver. iseries. Remote Access Services: PPP connections

Cloud Services ADM. Agent Deployment Guide

Prestige 310. Cable/xDSL Modem Sharing Router. User's Guide Supplement

Overview of Access VPNs and Tunneling Technologies

Syslog Server Configuration on Wireless LAN Controllers (WLCs)

PT Activity: Configure Cisco Routers for Syslog, NTP, and SSH Operations

VPN PPTP Application. Installation Guide

Prestige 2302R Series

TSX ETZ Configuration of your computer for TSX ETZ direct connection by serial link. Eng V1.0

How to Setup PPTP VPN Between a Windows PPTP Client and the DIR-130.

Configuring Dial Backup and Remote Management

FINS Gateway For OMRON PLCs

Network Security 1. Module 4 Trust and Identity Technology. Ola Lundh ola.lundh@edu.falkenberg.se

DSL-2600U. User Manual V 1.0

NF1Adv VOIP Setup Guide (for Pennytel)

If you need additional assistance please contact our Technical Support Center at 24 hours a day, 7 days a week.

How to add a SIP server How to register a handset

DSL-G604T Wireless ADSL Router

Internet Access Setup

Using RADIUS Agent for Transparent User Identification

Configuring CSS Remote Access Methods

Backup Cisco ICM Database in Microsoft SQL 2000

Interconnecting Cisco Network Devices 1 Course, Class Outline

IOS NAT Load Balancing with Optimized Edge Routing for Two Internet Connections

"Charting the Course...

Prestige 650R-31/33 Read Me First

Lab 4.4.8a Configure a Cisco GRE over IPSec Tunnel using SDM

Lab 8.3.3b Configuring a Remote Router Using SSH

Job Aid: Creating Additional Remote Access Logins

Transcription:

Configuring RADIUS Dial Up with Livingston Server Authentication Document ID: 8537 Contents Introduction Prerequisites Requirements Components Used Conventions Configure Configuration Clients File on Server Users File on Server Microsoft Windows Setup for Users Lines 1 and 2 Microsoft Windows Setup for User Line 3 Verify Troubleshoot Router Troubleshooting Commands Server Related Information Introduction This document assists the first time RADIUS user in how to set up and debug a dial in RADIUS configuration with authentication to a Livingston RADIUS server. It is not an exhaustive description of the Cisco IOS Software RADIUS capabilities. Livingston documentation is available from the Lucent Technologies web site. The router configuration is the same no matter what server you use. Cisco offers RADIUS code in Cisco Secure ACS for Windows, Cisco Secure UNIX, or Cisco Access Registrar. The router configuration in this document was developed on a router running Cisco IOS Software Release 11.3.3. Cisco IOS Software Release 12.0.5.T and later uses group radius instead of radius. Therefore, statements such as aaa authentication login default radius enable appear as aaa authentication login default group radius enable. Refer to the RADIUS information in Cisco IOS documentation for details on RADIUS router commands. Prerequisites Requirements There are no specific requirements for this document. Components Used The information in this document is based on these software and hardware versions: Cisco IOS Software Release 11.3.3 Livingston RADIUS

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command. Conventions Refer to Cisco Technical Tips Conventions for more information on document conventions. Configure In this section, you are presented with the information to configure the features described in this document. Note: Use the Command Lookup Tool (registered customers only) to find more information on the commands used in this document. Configuration This document uses this configuration: Router Configuration aaa new model aaa authentication login default radius enable aaa authentication ppp default if needed radius aaa authorization network default radius enable password cisco chat script default "" at&fls0=1&h1&r2&c1&d2&b1e0q2 OK interface Ethernet0 ip address 10.29.1.3 255.255.255.0 CHAP/PPP authentication user: interface Async1 ip unnumbered Ethernet0 encapsulation ppp async mode dedicated peer default ip address pool async no cdp enable ppp authentication chap PAP/PPP authentication user: interface Async2 ip unnumbered Ethernet0 encapsulation ppp async mode dedicated peer default ip address pool async no cdp enable ppp authentication pap Login authentication user with autocommand PPP: interface Async3 ip unnumbered Ethernet0

encapsulation ppp async mode interactive peer default ip address pool async no cdp enable ip local pool async 10.6.100.101 10.6.100.103 radius server host 171.68.118.101 radius server timeout 10 radius server key cisco line 1 session timeout 20 exec timeout 120 0 script startup default script reset default modem Dialin transport input all stopbits 1 rxspeed 115200 txspeed 115200 flowcontrol hardware line 2 session timeout 20 exec timeout 120 0 script startup default script reset default modem Dialin transport input all stopbits 1 rxspeed 115200 txspeed 115200 flowcontrol hardware line 3 session timeout 20 exec timeout 120 0 autoselect during login autoselect ppp script startup default script reset default modem Dialin autocommand ppp transport input all stopbits 1 rxspeed 115200 txspeed 115200 flowcontrol hardware end Clients File on Server Note: This assumes Livingston RADIUS. # Handshake with router router needs "radius server key cisco": 10.29.1.3 cisco Users File on Server Note: This assumes Livingston RADIUS. # User who can telnet in to configure:

admin Password = "admin" User Service Type = Login User # ppp/chap authentication line 1 password must be cleartext per chap rfc 1994 # address assigned from pool on router chapuser Password = "chapuser" Framed Protocol = PPP # ppp/pap authentication line 2 # address assigned from pool on router # Can also have 'Password = "UNIX" which uses /etc/passwd papuser Password = "papuser" Framed Protocol = PPP # ppp/chap authentication line 1 password must be cleartext per chap rfc 1994 # address assigned by server chapadd Password = "chapadd" Framed Protocol = PPP, Framed Address = 10.10.10.10 # ppp/pap authentication line 2 # address assigned by server papadd Password = "papadd" Framed Protocol = PPP, Framed Address = 10.10.10.11 # authentication user line 3 # address assigned from pool on router # Can also have 'Password = "UNIX" which uses /etc/passwd authauto = "authauto" User Service Type = Login User Microsoft Windows Setup for Users Lines 1 and 2 Note: The PC configuration can vary slightly based on the operating system version you use. 1. Select Start > Programs > Accessories > Dial Up Networking. 2. Select Connections > Make New Connection and enter a name for your connection. 3. Enter your modem specific information. Under Configure > General choose the highest speed of your modem, but do not check the box below this. 4. Select Configure > Connection, and use 8 data bits, no parity, and 1 stop bit. For Call preferences, select Wait for dial tone before dialing, and Cancel the call if not connected after 200 seconds. 5. Select only Hardware Flow Control and Modulation Type Standard for Advanced. 6. Under Configure > Options nothing should be checked except under status control. Click OK. 7. Enter the telephone number of the destination, then click Next and Finish. 8. Once the new connection icon appears, right click on it and select Properties > Server Type. 9. Choose PPP:WINDOWS 95, WINDOWS NT 3.5, Internet and do not check any advanced options. Check at least TCP/IP under allowed network protocols. 10. Choose Server assigned IP address, Server assigned name server addresses, and Use default gateway on remote network under TCP/IP settings. Click OK. 11. When the user double clicks the icon to bring up the Connect To window to dial, the user must fill in the User name and Password fields, and then click Connect.

Microsoft Windows Setup for User Line 3 The configuration for User Line 3 (authentication user with autocommand PPP) is the same as for Users Line 1 and 2. The exception is to check Bring up terminal window after dialing from the Configure > Options window. When you double clicks the icon to bring up the Connect To window to dial, do not fill in the User name and Password fields. Click Connect. After the connection to the router is made, the enter the username and password in the black window that appears. Click Continue (F7) after authentication. Verify There is currently no verification procedure available for this configuration. Troubleshoot Router Troubleshooting Commands The Output Interpreter Tool (registered customers only) (OIT) supports certain show commands. Use the OIT to view an analysis of show command output. Note: Refer to Important Information on Debug Commands before you use debug commands. Server terminal monitordisplays debug command output and system error messages for the current terminal and session. debug ppp negotiationdisplays PPP packets sent during PPP startup, where PPP options are negotiated. debug ppp packetdisplays PPP packets that are sent and received. (This command displays low level packet dumps.) debug ppp chapdisplays information about whether a client passes authentication (for Cisco IOS Software Releases earlier than 11.2). debug aaa authenticationdisplays information on AAA/TACACS+ authentication. debug aaa authorizationdisplays information on AAA/TACACS+ authorization. Note: This assumes Livingston's UNIX server code. radiusd x d <full_path_to_users_clients_dictionary> Related Information Configuring RADIUS with Livingston Server RADIUS Support Page RADIUS in IOS Documentation Requests for Comments (RFCs) Technical Support & Documentation Cisco Systems Contacts & Feedback Help Site Map 2014 2015 Cisco Systems, Inc. All rights reserved. Terms & Conditions Privacy Statement Cookie Policy Trademarks of Cisco Systems, Inc.

Updated: Jan 19, 2006 Document ID: 8537

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information