Previously I talked about how to set up Microsoft Network Policy Server 2008 so that you can use it to log in to Cisco switches and routers. In this post I am going to go over the steps I used to set up a Cisco ASA 5520 running 8.4.3 code to authenticate against Microsoft Active Directory using the Microsoft RADIUS server (NPS – Network Policy Server 2008). The steps are slightly different.
aaa-server RADIUS protocol radius
aaa-server RADIUS (inside) host X.X.X.X
 timeout 25
 key XXXXXXXXXXXXXXXX
!
aaa authentication http console RADIUS LOCAL
aaa authentication ssh console RADIUS LOCAL
aaa authentication enable console RADIUS LOCAL
aaa authentication serial console RADIUS LOCAL
aaa-server RADIUS max-failed-attempts 1
aaa-server RADIUS deadtime 1
aaa-server RADIUS host X.X.X.X timeout 1
Note: Use this as a reference point only. There are other configuration options available to tweak this according to your needs. Remember to always back up your work before you make any changes, always test configurations in the lab, and never do anything that you cannot undo 🙂
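In the `aaa authentication ... console RADIUS LOCAL` lines above, the trailing `LOCAL` makes the ASA fall back to its local user database when the RADIUS server group is unavailable, so a missing `LOCAL` on one management channel is a lockout risk. The following is an added example, not part of the original post: a small Python check that reads a saved configuration and reports which management channels lack an AAA line, point at an undefined server group, or have no fallback. The function name `audit_aaa` and the sample text are constructed for illustration.

```python
import re

# Constructed sample: the AAA lines from the post, placeholders kept as-is.
SAMPLE_CONFIG = """\
aaa-server RADIUS protocol radius
aaa-server RADIUS (inside) host X.X.X.X
 timeout 25
 key XXXXXXXXXXXXXXXX
!
aaa authentication http console RADIUS LOCAL
aaa authentication ssh console RADIUS LOCAL
aaa authentication enable console RADIUS LOCAL
aaa authentication serial console RADIUS LOCAL
"""

GROUP_RE = re.compile(r"^aaa-server (\S+) protocol (\S+)$")
HOST_RE = re.compile(r"^aaa-server (\S+) \((\S+)\) host (\S+)")
AUTH_RE = re.compile(r"^aaa authentication (\S+) console (\S+)( LOCAL)?$")

def audit_aaa(config, expected=("http", "ssh", "enable", "serial")):
    """Return (per-console settings, list of findings) for an ASA config."""
    groups, hosts, consoles, findings = {}, {}, {}, []
    for raw in config.splitlines():
        line = raw.rstrip()
        if m := GROUP_RE.match(line):
            groups[m.group(1)] = m.group(2)          # group name -> protocol
        elif m := HOST_RE.match(line):
            hosts.setdefault(m.group(1), []).append(m.group(3))
        elif m := AUTH_RE.match(line):
            consoles[m.group(1)] = (m.group(2), bool(m.group(3)))
    for ctype in expected:
        if ctype not in consoles:
            findings.append(f"{ctype}: no aaa authentication line")
            continue
        group, fallback = consoles[ctype]
        if group != "LOCAL" and group not in groups:
            findings.append(f"{ctype}: server group {group} is not defined")
        elif group != "LOCAL" and not hosts.get(group):
            findings.append(f"{ctype}: server group {group} has no host")
        if group != "LOCAL" and not fallback:
            findings.append(f"{ctype}: no LOCAL fallback if {group} is unreachable")
    return consoles, findings

if __name__ == "__main__":
    consoles, findings = audit_aaa(SAMPLE_CONFIG)
    for ctype, (group, fallback) in consoles.items():
        print(f"{ctype:7} -> {group} (LOCAL fallback: {fallback})")
    print("\n".join(findings) or "no findings")
```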