No need to define authen and authoriz commands under the line vty 0-4?
@carlosarjonaquijano27916 ай бұрын
To connect a user through the wireless network, what type of radius authentication must the switch have?
@anasa.ghannam93026 ай бұрын
it doesn't work mate, the syslog said: invalid_group_handle , anyone can help please))
@carlmarkley3817 Жыл бұрын
Outstanding, I had all the right pieces in place but they were not lined up correctly on my Server 2019 and Cisco Catalysis 9300. All set now, thanks for putting this out there.
@thakkardushyant Жыл бұрын
Is this possible for win 10 pro client from windows server ad ,2019
@martynjones9732 жыл бұрын
Great video thank you, do you have one on Cisco ICE 👍👍👍
@jaysonpatricio2 жыл бұрын
how about the failover if the NPS(radius is down) the local admin should work right?
@Chrishall1982x2 жыл бұрын
yes
@andresparamo67342 жыл бұрын
Great tutorial! Quick question for you for anyone that might know. Do you know if after enabling aaa for authentication is the option still available to login with the local credentials that were created on the router/switch?
@jaysonpatricio2 жыл бұрын
got same question when radius server is down, local credential should work but he did not mention it here
@andresparamo67342 жыл бұрын
Has anyone configured a cisco switch with radius from DUO using their auth proxy? Would the cisco side of this tutorial be the same?
@xbyrxlyr2 жыл бұрын
Great video, but the splash screen at the end made me shard a little.
@Dr.J_theCPA3 жыл бұрын
How do you create a PC GPO for me to link to my log in policy?
@starfoxedits19093 жыл бұрын
Thanks
@badisdolor84563 жыл бұрын
just for the nps server ?? how can i add one in my lab ?
@hahahaha70233 жыл бұрын
key should be called "Enabled"
@enzoscandelt33504 жыл бұрын
useless, missing a lot on the video, dont follow this guide if you using a dedicated server, will probably crash or block your RDP.
@alejandrocruz57234 жыл бұрын
Great 100%
@bsiko14 жыл бұрын
Thank you so much it's worked for me
@sanjeev.cs144 жыл бұрын
Does this will work for "Remote management Service Accepting Unencrypted Credentials Detected"
@networklabs14 жыл бұрын
Nice video mate
@jozamaymen4 жыл бұрын
don't forget to use (BAP percentage of capacity), sometime the radius won't work without it.
@nisam138344 жыл бұрын
Is this prevent seth attacks ?
@krishnarout91764 жыл бұрын
Thanks
@jugsonmunganga8914 жыл бұрын
the acouch-adm account comes from where ?????
@dbacky4 жыл бұрын
That is the user (Adam Couch, [email protected]) that is added to the Network Admins security group at the 2:32 mark in the video.
@jhilling4 жыл бұрын
How are you making this work using MS-CHAP? My previous setup on 2012 required me to use "Unencrypted authentication (PAP, SPAP).
@Lonje2 жыл бұрын
i am also interested to know
@itservices73734 жыл бұрын
Is this the proper way for win 10? It does work but is it proper way to do it in server 2012R2?
@djiboutivictime24445 жыл бұрын
what cani do turn off guest window
@jimbarrofficial5 жыл бұрын
didnt' work - tried cisco, admin, etc. Cisco is much harder than HP to set this shit up. drives me nuts.
@Stickell2 жыл бұрын
try only crypto generat key rsa
@sndrcve5 жыл бұрын
What are the pros and cons of doing this?
@mattr56645 жыл бұрын
oh man you are a life saver. I was only getting it partly working with a bunch of other walkthroughs. Yours worked right off the bat. Thank you! Windows Server 2016 - C9300 on 16.8.1a
@mdhumayun6 жыл бұрын
It is working if I unchecked all button except Unencrypted authentication (PAP, SPAP) on Authentication Methods under Network policies :)
@tusredesti90176 жыл бұрын
Same here, i do a equal action.
@jonbiong5 жыл бұрын
Thanks, this solved it.
@trancechannel66335 жыл бұрын
Which part bro in this video
@saadabdulla99343 жыл бұрын
Solved my issue, thanks.
@Lonje2 жыл бұрын
mine too. i wonder how he made it work using the other authentication protocols.
@BurninBosmer6 жыл бұрын
Is it possible to then limit who can log into the router, such as only a certain group in AD/LDAP?
@luileliomatsenguane4406 жыл бұрын
Hi, where do you defined acouch-adm?
@dbacky4 жыл бұрын
That is the user (Adam Couch, [email protected]) that is added to the Network Admins security group at the 2:32 mark in the video.
@luamayav6 жыл бұрын
will this erase everything on the box?
@blueteamsecurity51856 жыл бұрын
luke Shepherd Nope. This should not wipe data on the box, however as always backups are recommend.
@songofyesterday6 жыл бұрын
Does disabling Local Administrator accounts block ALL local admin accounts or just the one named "Administrator"?
@Ferasw6 жыл бұрын
just the one named "Administrator"
@algeriano76395 жыл бұрын
@@Ferasw What if it was renamed earlier, will the GPO still apply ?
@wilsongomes945 жыл бұрын
it block's only the named "Administrator", but be advised, if that's the only local account with Administrator Privileges, other users may take advantage and grant Administrator Privileges for themselves! I just tested this right now...
@paulskywalker43666 жыл бұрын
Spank you my friend! Spank you alot.
@vaishakpd38677 жыл бұрын
Great Really Appreciate
@255667 жыл бұрын
The last one isn't necessary. If you read the description it says that the default setting is "High" so you didn't change anything.
@sanjeev.cs144 жыл бұрын
Does this will work for "Remote management Service Accepting Unencrypted Credentials Detected"
@DishantPandya7 жыл бұрын
I configured everything exactly as shown in here but still there's a problem authenticating.
@Chris-Christopher-3 жыл бұрын
@Nehemiah Brayan, when tried it I got a virus and my entire family got cancer. My kids are dead because of instaportal. Do not use instaportal.
@adnanebenaissa55997 жыл бұрын
Thanks a lot very helpful, but where is part 2?
@sanjeev.cs144 жыл бұрын
Does this will work for "Remote management Service Accepting Unencrypted Credentials Detected"
@fatboy12717 жыл бұрын
Thanks for the video; however, in the description you say, "There is a different method for Windows 8 and above which i will demonstrate in another video." I couldn't find this when looking at your Videos list. I'd like to implement this for Windows 10...
@fredh36037 жыл бұрын
Hi, thanks for the tutorial. I tested this with a Windows Server 2012R2, which is currently also being used as our MAB-server. My iOS device is an old Cisco1721 using iOS 12.4(25d). I am sitting in an AD-forest and assume my testingdevice is too old. I wonder if the command "domain-stripping" could add the domain automatically to the username. Can you confirm this thought? _____ Oh, also I'm not sure if you mentioned, but the local account is only being used when the Cisco IOS device cannot pass the authentication to the radius OR the radius cannot pass it to the active direcotry.