Freeradius + AD + Cisco authetication

Jevos, Peter Peter.Jevos at
Fri Jul 2 13:43:35 CEST 2010

Hello friends


I was reading few tutorials regarding the Cisco authetication against
Freeradius and Windows AD.

Actually  I'm not really clever, because main tutorial on the main pages
is connected with the older version , and there are more version of the
Freradius 2.0, a bit different:


However, I have working and running samba and ntlm:


Linux#/usr/bin/ntlm_auth --request-nt-key --domain=MYDOMAIN
--username=MYNAME --require-membership-of='DOMAIN+DOMAIN_GROUP'


It returns OK.


Can somebody please help me how to finish the freeradius configuration (
the NAS server will be cisco )

I know that there should be the entries in users file, eap file, mschap
or ntlm_aut modules.

But what should be the proper syntax I really don't know 


My aim should be:

1. authenticate users that belong to some certain domain group , as is
showed in the ntlm_auth command above ( for the Cisco vpn client users )

2. authenticate users to have privilege ( 15 ) access to the router


Now I'm using IAS server, and I want to move to the FreeRadius

Cisco configuration is solved and works without any problems.

What remains is freeradius config


Thank you





-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Freeradius-Users mailing list