RADIUS on NT and 5300

RADIUS on NT and 5300

Post by Tobin, Bria » Thu, 15 Apr 1999 04:00:00

Anyone else using Microsoft's version of RADIUS (its included on the NT
Option Pack) and Access Servers?

Check this out, vanilla out of the box install of RADIUS on a BDC.  On my
access server with "aaa new-model" and the generic AAA radius setup...

Here is the "debug radius" when I try to login...

User Access Verification

Username: tobin_b

1w1d: RADIUS: ustruct sharecount=1
1w1d: RADIUS: Initial Transmit id 142, Access-Request, len
1w1d:         Attribute 4 6 AC120296
1w1d:         Attribute 5 6 00000062
1w1d:         Attribute 61 6 00000005
1w1d:         Attribute 1 9 746F6269
1w1d:         Attribute 31 13 3137322E
1w1d:         Attribute 2 18 CF0F316C
1w1d: RADIUS: Retransmit id 142
1w1d: RADIUS: Retransmit id 142
1w1d: RADIUS: Retransmit id 142% Backup authentication

1w1d: RADIUS: No response for id 142
1w1d: RADIUS: No response from server
What are the retransmits?  Are they certain attributes that are not
activated on the RADIUS server?  Documentation on the MS RADIUS is not the
best, anyone else using it?  

I'm trying to setup a AS5300 with dial in/out access in conjunction with MS
RADIUS and Cisco Secure 2.1.  I installed Secure on the same physical
machine as MS RADIUS (this shouldn't matter, should it?)

I think I'm just missing something on the RADIUS side of things.  Some
pointers would be helpful...




RADIUS on NT and 5300

Post by Barnz » Thu, 15 Apr 1999 04:00:00

If you are using Cisco Secure why don't you just use TACACS and point it to
the NT Server's user database. You really don't need MS RADIUS for that
installation. Cisco Secure already has everything you need so you can use
the NT Domain database for authentication via the TACACS protocol. In my
experience, this works quite well under NT.


Steve Barnes