Posted by LTLnetworker on August 31, 2014
Cisco ISE is an identity-based policy server featuring a wide range of functions from RADIUS CLI authentication to workstation posturing. With just a base license it includes a full-featured RADIUS server and it is capable of performing trivial RADIUS tasks which would not require such a sophisticated product themselves. For the functions described in this article Cisco Secure ACS could have been commonly chosen some years earlier. ISE’s policy logic and web interface is quite different.
The following use cases are described:
Posted in AAA, ASA, Cisco, IPsec, ISE, remote access, router IOS, switch | Tagged: 802.1X, attribute, dot1x, ISE | 8 Comments »
Posted by LTLnetworker on November 9, 2010
LDAP support for authentication and authorization was introduced in IOS 15.1(1)T. In this article we are testing Cisco VPN client connection authenticated against Novell NetWare eDirectory.
Structure of the LDAP directory:
Read the rest of this entry »
Posted in AAA, Cisco, IPsec, remote access, router IOS | Tagged: ezvpn, ldap | Leave a Comment »
Posted by LTLnetworker on May 7, 2010
Cisco router IOS Easy VPN Server
Group-Lock feature can also be used with local users, we can even create something like ‘local user groups’. Possible formats are:
name/group, name\group, name@group, or name%group
Read the rest of this entry »
Posted in AAA, Cisco, IPsec, remote access, router IOS | Tagged: easy vpn, ezvpn, group-lock | Leave a Comment »