authenticate Cisco devices against AD via Freeradius

Alan DeKok aland at
Wed Sep 21 15:04:53 CEST 2016

On Sep 21, 2016, at 5:08 AM, aquilinux <aquilinux at> wrote:
> Hi all, i currently use my radius server (3.0.11) to do things such
> EAP-TTLS, MSCHAPv2, CHAP in order to authenticate different users on
> devices/machines/etc...
> I managed to configure a virtual router for doing PAP against local USERS
> (in users file) following a guide about IOS+Freeradius. Works perfectly.
> What i'd like to do now is to authenticate users from the Cisco IOS device
> against AD (via ldap, mschap or whatever). The device i'm using only
> support PAP.
> The radius server is joined to the AD domain, getent passwd retrives all
> the AD users.
> Is it possible? (i know, i have a lot of imagination :-))

  Alan DeKok.

More information about the Freeradius-Users mailing list