authenticate Cisco devices against AD via Freeradius

aquilinux aquilinux at gmail.com
Wed Sep 21 11:08:59 CEST 2016


Hi all, i currently use my radius server (3.0.11) to do things such
EAP-TTLS, MSCHAPv2, CHAP in order to authenticate different users on
devices/machines/etc...
I managed to configure a virtual router for doing PAP against local USERS
(in users file) following a guide about IOS+Freeradius. Works perfectly.
What i'd like to do now is to authenticate users from the Cisco IOS device
against AD (via ldap, mschap or whatever). The device i'm using only
support PAP.
The radius server is joined to the AD domain, getent passwd retrives all
the AD users.
Is it possible? (i know, i have a lot of imagination :-))

thanks
-- 
"Madness, like small fish, runs in hosts, in vast numbers of instances."

Nessuno mi pettina bene come il vento.


More information about the Freeradius-Users mailing list