IOS authentication with MS IAS (AAA/radius)

Discussion in 'Cisco' started by John Smith, Jul 28, 2005.

  1. John Smith

    John Smith Guest

    here is my config so far:
    aaa new-model
    aaa authentication login default group radius local
    aaa authentication enable default group radius
    ....
    radius-server host 192.168.2.12 auth-port 1645 acct-port 1646 key 7 ******

    IOS (tm) 3600 Software (C3620-I-M), Version 12.2(29), RELEASE SOFTWARE
    (fc3)

    i am able to telnet to the router ok, and authenticate via radius using my
    windows domain information, but when i attempt to 'enable', i get an
    error. on the IAS server, in the logs, it says $enab15$ was denied access...
    I understand this, but what i dont understand is why isn't it using my
    windows username when i attempt to 'enable'. or is there a way to force it
    to?

    any hints/help?



    User Access Verification

    Username: username
    Password: *******

    Router>en
    Password:
    % Error in authentication.

    Router>




    TIA
     
    John Smith, Jul 28, 2005
    #1
    1. Advertisements

  2. Hi John,

    The username is fixed which is $enable15$ for enable authentication.

    Sincerely,

    Brad Reese
    BradReese.Com Cisco Repair Service Experts
    1293 Hendersonville Road, Suite 17
    Asheville, North Carolina USA 28803
    U.S. Toll Free: 877-549-2680
    International: 828-277-7272
    Website: http://www.bradreese.com/cisco-big-iron-repair.htm
     
    www.BradReese.Com, Jul 29, 2005
    #2
    1. Advertisements

  3. John Smith

    sumdingwong

    Joined:
    Aug 21, 2006
    Messages:
    4
    Likes Received:
    0
    sumdingwong, Mar 19, 2007
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.