[NTLUG:Discuss] OT: portmaster / radius configuration
Eric Schnoebelen
eric at cirr.com
Tue Oct 23 14:18:20 CDT 2001
[I think this needs to be taken off line, as it is rather off
Topic for discuss at ntlug.org.]
"Jack Snodgrass" writes:
- bad example. No ... I didn't use 'localhost'. I used the IP Address
- of my linux box.
Ok.. That was the first, obivious thing I saw..
- I know that the Cisco Ras 6430 gets the user, sends a userid
- password check that is sent to the Radius server ( running on
- a linux box ) and the Radius server sends back an 'okie-dokie'
- In the case for user jack, it also should send back the telnet
- info and the Cisco Ras server should make that connection
- happen. That's the part where it doesn't seem to be working.
[...]
- Is there some security stuff I have to set up on the Cisco side
- to do the telnet automatically?
Probably. I'm doing something very similar for my UUCP
customers dialing into my Ascend MAXen here. I've not tried to
use Cisco equipment for dial up, and I'm totally unfamiliar with
the 6430 (That model number rings zero bells.)
Assuming standard IOS, the sections you're going to have
to mess with are the ``aaa authorization'' and ``line'' segments.
I believe you'll need to make the changes in the ``line''
definitions, although at the moment, I'm unsure what those
changes should look like (and I haven't the personal time/need to
research them in the Cisco docs.)
I hope this helps,
Eric
--
Eric Schnoebelen eric at cirr.com http://www.cirr.com
When your hammer is C++, everything begins to look like a thumb.
-- Steve Haflich, comp.lang.c++
More information about the Discuss
mailing list