I like configuring RADIUS authentication for logging into network devices. It's much more manageable than changing each switch when someone leaves a company: just disable their AD login and you are in good shape. On the ICX series, this is what I normally use as a template. Just put in your server IP, etc. for your template:
radius-server host 10.10.10.10 auth-port 1645 acct-port 1646
radius-server key pa$$w0rd
!
aaa authentication login default radius local
username shane pri 0 password pa$$w0rd
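An added example, not from the original post: a small Python lint for a plaintext template like the one above, run before it is pushed to a switch. The function name and the set of checks are this example's own assumptions; it flags a missing server, key or local fallback, and a local password that matches the RADIUS key, as the placeholder values above do.

```python
import re

# Constructed sample: the template from the post, unchanged.
TEMPLATE = """\
radius-server host 10.10.10.10 auth-port 1645 acct-port 1646
radius-server key pa$$w0rd
!
aaa authentication login default radius local
username shane pri 0 password pa$$w0rd
"""

def audit_radius_login(config):
    """Return a list of findings; an empty list means the template passes."""
    lines = [ln.strip() for ln in config.splitlines()]
    hosts = [ln.split()[2] for ln in lines if re.match(r"radius-server host \S+", ln)]
    keys = [m.group(1) for ln in lines
            if (m := re.match(r"radius-server key (\S+)$", ln))]
    users = {m.group(1): m.group(2) for ln in lines
             if (m := re.match(r"username (\S+) .*\bpassword (\S+)$", ln))}
    methods = []
    for ln in lines:
        m = re.match(r"aaa authentication login default (.+)$", ln)
        if m:
            methods = m.group(1).split()

    findings = []
    if not hosts:
        findings.append("no radius-server host configured")
    if not keys:
        findings.append("no radius-server key configured")
    if not methods:
        findings.append("no 'aaa authentication login default' line")
    elif methods[0] != "radius":
        findings.append("radius is not the first login method")
    if methods and "local" not in methods:
        findings.append("no local fallback if the RADIUS server is unreachable")
    if "local" in methods and not users:
        findings.append("local fallback listed but no local username defined")
    for name, pw in users.items():
        if pw in keys:
            findings.append(f"local user '{name}' reuses the RADIUS shared secret")
    return findings

if __name__ == "__main__":
    for finding in audit_radius_login(TEMPLATE):
        print("FINDING:", finding)
```

The secret comparison only works on a plaintext template; it assumes the key and password have not yet been replaced by the encrypted forms a switch stores.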
This is the retired Shane Killen personal blog, an IT technical blog about configs and topics related to the Network and Security Engineer working with Cisco, Brocade, Check Point, and Palo Alto and Sonicwall. I hope this blog serves you well. -- May The Lord bless you and keep you. May He shine His face upon you, and bring you peace.
Have you worked with the VDX line of switches? I can use NPS to authenticate AD users to log onto a VDX 6720, but it does not assign the admin role I set in the NPS policy; in fact, per the show users command, no role is assigned. No role assigned gives default user level privileges. All the Network OS admin guides show NPS windows that are no longer available (at least not some place easy to find) in configuring RADIUS clients in NPS. Any idea on how to correct this on Server 2008 or higher? Thank you.
Yes, I have worked with them. But never done what you are trying to do.