Authentication using Microsoft 2008 Active directory for Cisco RADIUS login
Hello all, I am having some trouble getting my Cisco routers to use Active directory to authenticate users. I have searched on Google and so far I am coming up dry on good documentation that will work. I have used these links. http://briandesmond.com/blog/how-to-authenticate-against-active-director y-from-cisco-ios/ http://filedb.experts-exchange.com/incoming/2008/12_w51/87700/TA0001-Win dows-2008-RADIUS-for-C.pdf When I am doing a debug against the AAA I am getting the "Response (32) failed decrypt" error. Any thoughts? Thank you in advance. M.A.R
Can you post your config on the router? Also, this may be better to post over at cisco-nsp. B -----Original Message----- From: Michael Ruiz [mailto:mruiz@lstfinancial.com] Sent: Tuesday, January 18, 2011 1:15 PM To: nanog@nanog.org Subject: Authentication using Microsoft 2008 Active directory for Cisco RADIUS login Hello all, I am having some trouble getting my Cisco routers to use Active directory to authenticate users. I have searched on Google and so far I am coming up dry on good documentation that will work. I have used these links. http://briandesmond.com/blog/how-to-authenticate-against-active-director y-from-cisco-ios/ http://filedb.experts-exchange.com/incoming/2008/12_w51/87700/TA0001-Win dows-2008-RADIUS-for-C.pdf When I am doing a debug against the AAA I am getting the "Response (32) failed decrypt" error. Any thoughts? Thank you in advance. M.A.R
On 1/18/2011 4:15 PM, Michael Ruiz wrote:
Hello all,
I am having some trouble getting my Cisco routers to use Active directory to authenticate users. I have searched on Google and so far I am coming up dry on good documentation that will work.
I know $myemployer Uses Cisco ACS to hit AD for logins. Maybe use tac+ to then query AD.
I've set it up on 2003 before, found this article... http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/bfbbbae... <http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/bfbbbae4-a280-4b3f-b214-02867b7d33e3/>it may be of use. Essentially on 2k3 it was a case of IAS and setting up the Cisco to use auth-port 1645 Looking at this you use NPS and change the port * * Gary * * On 19 January 2011 00:30, ML <ml@kenweb.org> wrote:
On 1/18/2011 4:15 PM, Michael Ruiz wrote:
Hello all,
I am having some trouble getting my Cisco routers to use Active directory to authenticate users. I have searched on Google and so far I am coming up dry on good documentation that will work.
I know $myemployer Uses Cisco ACS to hit AD for logins. Maybe use tac+ to then query AD.
participants (4)
-
Gary Steers
-
Michael Ruiz
-
ML
-
Welch, Bryan