We have managed to make IAS work with Cisco Devices. The login and password are being validated from the Active Directory
Sample configs PIX aaa-server RADIUS protocol RADIUS aaa-server RADOIS (inside) host 192.168.13.34 radiuskey timeout 10 aaa authentication include http inside 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 RADIUS AS5300 aaa new-model aaa authentication login default group radius local aaa authentication ppp default group radius local aaa accounting update newinfo aaa accounting network default start-stop group radius radius-server host 192.168.13.34 auth-port 1645 acct-port 1646 key radiuskey radius-server retransmit 3 radius-server timeout 10 radius-server key radiuskey >From the IAS don't tick 'Client must always send the signature attribute in the request' Client Vendor must be Cisco In the remote access policies Click Edit Profile In the encryption tab make sure that 'no encryption' only is allowed and in the advanced tab there should be framed-protocol Radius Standard PPP service-type Radius Standard Framed Also checkout the ports from the properties of IAS (Right click on Internet Authentication Service) and select the radius tab our are 1645,1812 (authentication) and 1646,1813 (accounting) these should match the auth-port and acct-port in the radius-server command Regards Kenneth > >Eric Hauptman wrote: >> >> Does anyone have any pointers on getting a Cisco router talking >> to IAS >> running >> on a Windows 2000 server. I think I have everything configured >> correctly and it is still not working. Thanks >> >> Eric Hauptman Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=27683&t=27683 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
