Hi Pete,
I did this about a year ago as a separate virtual freeradius server in PF.
You can configure one in /usr/local/pf/raddb/sites-available. I chose to
run the virtual server on a different port and use the ldap module to talk
to our AD for authentication.
In the end, I elected just to run a separate freeradius server for our
Cisco devices, as we make heavy use of virtualization and it was easy to
spin up a separate linux VM for that. That way, I can tinker with things
like 2 factor auth via google for our switches without worrying about
people not being able to get on wifi. =)
In short, its fairly easy to setup freeradius to authenticate against AD
for Cisco devices. I recommend doing it as a separate server if possible.
I'm happy to help with a freeradius config and IOS config if you need it,
but probably better to do that off-list since it isn't really related to
PacketFence. Just send me an e-mail.
Regards,
Fletcher
On Thu, Jun 5, 2014 at 11:56 AM, Pete Hoffswell <
[email protected]> wrote:
> Hi.
>
> Has anyone successfully used the freeradius installation within
> packetfence for cisco device access (telnet and ssh)?
>
> Consider:
>
>
> http://www.cisco.com/c/en/us/support/docs/security-vpn/remote-authentication-dial-user-service-radius/116291-configure-freeradius-00.html
>
> https://supportforums.cisco.com/document/139161/cisco-ios-integration-freeradius-administrator-access
>
> I have been trying to get this working on our new PF installation, with no
> success yet. I'm wondering if anyone's blazed this trail already, and
> might have some words of wisdom, or configs to share.
>
> More specifically, I have our installation joined to active directory as
> well, and hope to pass auth from that system, through radius.
>
> Thanks for any hints!
>
> -
> Pete Hoffswell - Network Manager
> [email protected]
> http://www.davenport.edu
>
>
>
> ------------------------------------------------------------------------------
> Learn Graph Databases - Download FREE O'Reilly Book
> "Graph Databases" is the definitive new guide to graph databases and their
> applications. Written by three acclaimed leaders in the field,
> this first edition is now available. Download your free book today!
> http://p.sf.net/sfu/NeoTech
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
--
Fletcher Haynes <[email protected]>
Systems Administrator/Network Services Consultant
Willamette Integrated Technology Services
Willamette University, Salem, OR
Phone: 503.370.6016
------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and their
applications. Written by three acclaimed leaders in the field,
this first edition is now available. Download your free book today!
http://p.sf.net/sfu/NeoTech
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
