RADIUS and Cisco Concentrator

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hi!

We are using Webvpn on a Cisco Concentrator 3005. How do tell the Concentrator what group a user belongs to when using IAS?
 
microsoft.public.win2000.security news group, =?Utf-8?B?QmVybnQ=?=
We are using Webvpn on a Cisco Concentrator 3005. How do tell the Concentrator what group a user belongs to when using IAS?
Click to expand...

Might want raise this question with Cisco since you're asking how to
configure a Cisco device.
 
I don't know about the Cisco device but if IAS is used it will authenticate
the users based on configured remote access policies that may also include
policies that grant or deny based on group membership. The actual groups and
membership are confugred in Active Directory on a W2K domain controller or
possibly on the IAS server if this is not a domain network. --- Steve

http://www.microsoft.com/technet/prodtechnol/windows2000serv/tips/pgrem.mspx
-- remote access policy and groups

Bernt said:
Hi!

We are using Webvpn on a Cisco Concentrator 3005. How do tell the
Click to expand...
Concentrator what group a user belongs to when using IAS?
 
Ok, i have lookt at Cisco's site and found something about set Classid 25 on the RADIUS server. It's ok if you only have one group but I need to use several groups.
Maybe I'm missing something.

Regards
/Bernt
 
Hi Bernt.

I don't know if this will help, but on the IAS server if you have acess to
the remote access policies, look in edit profile/advanced - add and there
are a lot of options available including and entry for "class". Good
uck. --- Steve

http://support.microsoft.com/default.aspx?scid=kb;en-us;Q319824 -- maybe
this will help??

Bernt said:
Ok, i have lookt at Cisco's site and found something about set Classid 25
Click to expand...
on the RADIUS server. It's ok if you only have one group but I need to use
several groups.
 
Bernt said:
*Hi!

We are using Webvpn on a Cisco Concentrator 3005. How do tell the
Concentrator what group a user belongs to when using IAS? *
Click to expand...


Hi,

i'm late but a solution is to configure the
'Configuration|System|General|Authentication' tab on your
concentrator.
You have to enable group lookup , define a delimiter and strip group
name if you want to send only the user name to your radius server.

Morgan SIZUN
 
Back
Top