No need to define authen and authoriz commands under the line vty 0-4?

To connect a user through the wireless network, what type of radius authentication must the switch have?

it doesn't work mate, the syslog said: invalid_group_handle , anyone can help please))

Outstanding, I had all the right pieces in place but they were not lined up correctly on my Server 2019 and Cisco Catalysis 9300. All set now, thanks for putting this out there.

Is this possible for win 10 pro client from windows server ad ,2019

Great video thank you, do you have one on Cisco ICE 👍👍👍

how about the failover if the NPS(radius is down) the local admin should work right?

Great tutorial! Quick question for you for anyone that might know. Do you know if after enabling aaa for authentication is the option still available to login with the local credentials that were created on the router/switch?

Has anyone configured a cisco switch with radius from DUO using their auth proxy? Would the cisco side of this tutorial be the same?

Great video, but the splash screen at the end made me shard a little.

How do you create a PC GPO for me to link to my log in policy?

Thanks

just for the nps server ?? how can i add one in my lab ?

key should be called "Enabled"

useless, missing a lot on the video, dont follow this guide if you using a dedicated server, will probably crash or block your RDP.

Great 100%

Thank you so much it's worked for me

Does this will work for "Remote management Service Accepting Unencrypted Credentials Detected"

Nice video mate

don't forget to use (BAP percentage of capacity), sometime the radius won't work without it.

Is this prevent seth attacks ?

Thanks

the acouch-adm account comes from where ?????

How are you making this work using MS-CHAP? My previous setup on 2012 required me to use "Unencrypted authentication (PAP, SPAP).

Is this the proper way for win 10? It does work but is it proper way to do it in server 2012R2?

what cani do turn off guest window

didnt' work - tried cisco, admin, etc. Cisco is much harder than HP to set this shit up. drives me nuts.

What are the pros and cons of doing this?

oh man you are a life saver. I was only getting it partly working with a bunch of other walkthroughs. Yours worked right off the bat. Thank you! Windows Server 2016 - C9300 on 16.8.1a

It is working if I unchecked all button except Unencrypted authentication (PAP, SPAP) on Authentication Methods under Network policies :)

Is it possible to then limit who can log into the router, such as only a certain group in AD/LDAP?

Hi, where do you defined acouch-adm?

will this erase everything on the box?

Does disabling Local Administrator accounts block ALL local admin accounts or just the one named "Administrator"?

Spank you my friend! Spank you alot.

Great Really Appreciate

The last one isn't necessary. If you read the description it says that the default setting is "High" so you didn't change anything.

I configured everything exactly as shown in here but still there's a problem authenticating.

Thanks a lot very helpful, but where is part 2?

Thanks for the video; however, in the description you say, "There is a different method for Windows 8 and above which i will demonstrate in another video." I couldn't find this when looking at your Videos list. I'd like to implement this for Windows 10...

Hi, thanks for the tutorial. I tested this with a Windows Server 2012R2, which is currently also being used as our MAB-server. My iOS device is an old Cisco1721 using iOS 12.4(25d). I am sitting in an AD-forest and assume my testingdevice is too old. I wonder if the command "domain-stripping" could add the domain automatically to the username. Can you confirm this thought? _____ Oh, also I'm not sure if you mentioned, but the local account is only being used when the Cisco IOS device cannot pass the authentication to the radius OR the radius cannot pass it to the active direcotry.

Thank you very much.