| Home | Forums | Reviews | Guides | Newsgroups | Register | Search |
 |
| Thread Tools |
|
Guest
Posts: n/a
|
|
|
|
||
|
|
| |
|
Guest
Posts: n/a
|
gmosley wrote:
> We are using RADIUS under AIX to authenticate traffic through a Cisco > box into a VLAN. > > Can the RADIUS server be configured to not authenticate specific IP > addresses? > > In the RADIUS log I see that it is getting the source IP address like > this: > > Cisco-AVPair = "ip:source-ip=xxx.xxx.xxx.xxx" > > Can the RADIUS server be configured to not authenticate from that > specific IP address/subnet? Can you not specify on the RADIUS server itself what subnets/ips to allow? My RADIUS server only accepts connetions from two IP addresses? Or am I misunderstanding what you're asking  |
|
|
|
|
|||
|
|
| |
|
Guest
Posts: n/a
|
Fook,
Part of the problem is that I cannot access the server itself - but if I can help them find a solution to implement it will solve my problem. Are you talking about limiting it to which NAS devices (firewalls, etc) can authenticate? That is being done. The problem is that the NAS passes along the source IP of the user, and there are some systems we would prefer not be allowed to authenticate. Unfortunately the systems we don't want to authenticate are the exceptions, not the rule. Can you allow authentication from ALL servers except a few? Fook wrote: > gmosley wrote: > > > We are using RADIUS under AIX to authenticate traffic through a Cisco > > box into a VLAN. > > > > Can the RADIUS server be configured to not authenticate specific IP > > addresses? > > > > In the RADIUS log I see that it is getting the source IP address like > > this: > > > > Cisco-AVPair = "ip:source-ip=xxx.xxx.xxx.xxx" > > > > Can the RADIUS server be configured to not authenticate from that > > specific IP address/subnet? > > Can you not specify on the RADIUS server itself what subnets/ips to allow? > > My RADIUS server only accepts connetions from two IP addresses? > > Or am I misunderstanding what you're asking |
|
|
|
|
|||
|
|
| |
|
| Thread Tools | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| aaa<br /> gets turned into aaa<BR> with innerHTML | yawnmoth | Javascript | 4 | 04-22-2009 01:09 AM |
| aaa authorization and aaa accounting with Cisco ACS and 1231 AP's | Chris_D | Cisco | 4 | 08-01-2005 08:03 AM |
| the different between aaa m1[100] and aaa *p = new [100] | C++ | 5 | 03-15-2005 08:22 AM | |
| cisco voip AAA Debit card radiator radius server | optimus | Cisco | 0 | 02-26-2004 01:06 PM |
| Pix 515 AAA Radius problems | Matt | Cisco | 1 | 12-08-2003 06:50 PM |
