SSH Logins to Cisco Switch. RADIUS/Active Directory

Luke Ramsden lukermsdn at gmail.com
Tue Jan 28 01:14:06 CET 2014


Thanks for the reply.

If I use LDAP bind and PAP would that mean running 'radiusd -X' on the
radius server would display users' AD password in plaintext when showing
the contents of the Access-Request?

Thanks
-Luke

On 27 Jan 2014, at 21:57, Luke Ramsden <lukermsdn at gmail.com> wrote:

> Hi, I am trying to authenticate SSH logins to my Cisco 3750 switches
> using RADIUS/Active Directory. I think this means I will need the Cisco
> switches to send an MSCHAPv2 challenge to the RADIUS server? I am
> struggling to achieve this and wondered if anyone else had come across this
> and could offer some advice?
>
> Essentially, all I want is to remotely access the switches on my network
> using Active Directory credentials. Are there any other/better methods if
> the above is not possible?

They'll support PAP, in which case you can just use LDAP auth (LDAP Bind)
against the AD server. You don't need to use MSCHAPv2.

-Arran

Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

