Radius broke my IOS?

while configuring a 3560G for aaa\radius my router froze and had to be manually booted.
aaa settings are ok, didn't get any problems with this part
but when I started typing the radius commands... oh boy!
this is the first line: ip radius source-interface Vlan200
then this is the second command which broke it all:
radius-server host 192.168.200.x auth-port 1645 acct-port 1646 key 7 password
any idea what & why this command would break and how can I configure my radius without breaking the switch?

This example shows how to enable AAA, use RADIUS authentication and enable device tracking:
Switch(config) configure terminal
Switch(config)# aaa new-model
Switch(config)# aaa authentication login default group radius
Switch(config)# aaa authorization auth-proxy default group radius
Switch(config)# radius-server host key key1
Switch(config)# radius-server attribute 8 include-in-access-req
Switch(config)# radius-server vsa send authentication
Switch(config)# ip device tracking
Switch(config) end

Similar Messages

Camera connection kit to iPhone 4 broke in iOS 4.2

Used it all the time then after upgrading iPhone and iPad to 4.2.1 it no longer works.

Me too, the SD card reader appears, as I can see the firmware info etc in the settings > about screen, but it just doesn't do anything when inserting an SD card.
However if I lock the SD card and then insert, it gives me the error message as if the media is corrupt. So it must be seeing the card inserted, but just won't trigger the screen to import photos like it used to before this latest bug riddled update...
Thanks Apple, can I please have my £25 back now that my camera kit is useless?!!!!
Sort it out!!!!

IOS 12.0(5.1) + Radius

Hi Guys,
I'm trying to configure the RADIUS Authentication in IOS 12.0(5.1). However, even though I can configure the aaa new-model and use local username and passwords, I seem unable to find the necessary "radius-server' commands. Is it that RADIUS Server is not supported in this IOS? If it is supported can someone guide me or provide the necessary documentation.
Thanks
Nik

Hi Wen,
Thanks for your response. Please find the show version below. As for the "radius-server" it does not seem to exist on the device as if i type r? all I see is rmon.
Cisco Internetwork Operating System Software
IOS (tm) C2900XL Software (C2900XL-H2S-M), Version 12.0(5.1)XP, MAINTENANCE INTE
RIM SOFTWARE
Copyright (c) 1986-1999 by cisco Systems, Inc.
Compiled Fri 10-Dec-99 10:57 by cchang
Image text-base: 0x00003000, data-base: 0x002BA814
ROM: Bootstrap program is C2900XL boot loader
Switch-1 uptime is 1 week, 5 days, 10 hours, 1 minute
System returned to ROM by power-on
System restarted at 13:24:43 Canada-DST Sun Oct 17 2010
System image file is "flash:c2900XL-h2s-mz-120.5.1-XP.bin"
cisco WS-C2924M-XL (PowerPC403GA) processor (revision 0x11) with 8192K/1024K byt
es of memory.
Processor board ID 0x10, with hardware revision 0x03
Last reset from power-on
Processor is running Enterprise Edition Software
Cluster member switch capable
24 FastEthernet/IEEE 802.3 interface(s)
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 00:30:7B:D9:56:C0
Motherboard assembly number: 73-3425-10
Power supply part number: 34-0920-01
Motherboard serial number: FAA03499D5P
Power supply serial number: NONE
Model revision number: A0
Model number: WS-C2924M-XL-EN
System serial number: FAA0402H023
Configuration register is 0xF
Hope this helps

IOS SLB Loab Balance Questions

Forgive me if this is the wrong forum but it was the closest one I found relating to my issue.
I've trying to load balance four of our radius servers using IOS SLB. The config works well and the radius servers are accepting requests fine. I follow this article which wasn't too bad to follow:
http://www.cisco.com/application/pdf/en/us/guest/netsol/ns377/c649/cdccont_0900aecd800eb95f.pdf
My two questions are:
1. Sticky Option
I understand it's used to make sure the client's accounting information
goes to the correct real server, but I'm not sure how it really works
and what's the best time to set it to.
Eg:
ip slb vserver RAD-UDP-1646
virtual 210.x.x.224 udp 1646
serverfarm RADFARM
sticky 86400 group 10
inservice
a/ The documentation says "This configuraion causes the sticky database to store its entries for 86,400 seconds of inactivity". What do they mean by "inactivity" - no radius packets coming through? inactivity from the user's end?
b/ It also says "the client's IP address is added to the IOS SLB database..." - is this the client's framed IP that the ISP assigns to the customer???
c/ And what would be the optimum time to set the sticky timer to be?
2. SLB connection statistics
core1-router#sh ip slb reals
real farm name weight state conns
203.x.x.74 RADFARM 8 OPERATIONAL 0
203.x.x.78 RADFARM 8 OPERATIONAL 0
203.x.x.79 RADFARM 8 OPERATIONAL 0
203.x.x.80 RADFARM 8 OPERATIONAL 2
When you disconnect, the slb stats still show you as being connected to
the real server (and both udp ports) which isn't very accurate. There is a default "delay" time which handles TCP disconnections and after being disconnected for 10 sec, the SLB stats are updated to reflect this (I've verified this works)- but nothing about how it handles UDP disconnections??? This
would skew the stats and give us a very bad misrepresentation of the
number of current and valid connections. Is there anyway to correct this???
Thanks.
Andy

Inactivity for IOS SLB means that after specified time of inactivity, the client will be free to be load balanced to another server. As long as they remain active without an idle time , they will remain connected to the same real server. For the client's IP address which is added to the IOS SLB database I think it is the frammed IP address which the ISP assigns. The optimum time for the sticky timer will be its default value or say 60 seconds.

RADIUS Authentication Error Across the Subnet

Hi Guyz
I have configured Microsoft Server 2012 R2 as a RADIUS for Cisco IOS Devices
Server IP Address : 10.95.6.12
Router IP Address Fa 0/0.192 ---->>> 192.193.194.195
Router IP Address Fa 0/0.6 --->>> 10.95.6.1
Switch IP Address VLAN 192    ---->>> 192.193.194.2010.95.6.11
Switch IP Address VLAN 6 ---->>> 10.95.6.11
When i access the Cisco Devices RADIUS CLIENT with 10.95.6.x Subnet, It works fine
When i access the Cisco Devices through RADIUS CLIENT 192.193.194.x Subnet, It does not pass through the RADIUS Authentication.
Attached in the Picture i can not access the 192.193.194.20 Device but I can access 10.95.6.1 Device. As soon as I change the IP Address 10.95.6.11 I can access the Device.
Ping is successful across the Routers / Switches and Server as well. Below is unsuccessful debug details as well:
===
Home_Switch#
01:52:30: RADIUS/ENCODE(00000008): ask "Password: "
Home_Switch#
01:52:41: RADIUS/ENCODE(00000008):Orig. component type = EXEC
01:52:41: RADIUS: AAA Unsupported Attr: interface [171] 4
01:52:41: RADIUS: 74 74 [ tt]
01:52:41: RADIUS/ENCODE(00000008): dropping service type, "radius-server attribute 6 on-for-login-auth" is off
01:52:41: RADIUS(00000008): Config NAS IP: 0.0.0.0
01:52:41: RADIUS/ENCODE(00000008): acct_session_id: 8
01:52:41: RADIUS(00000008): sending
01:52:41: RADIUS/ENCODE: Best Local IP-Address 10.95.6.11 for Radius-Server 10.95.6.12
01:52:41: RADIUS(00000008): Send Access-Request to 10.95.6.12:1812 id 1645/6, len 85
Home_Switch#
01:52:41: RADIUS: authenticator 95 FB 3F FE 79 BB AA D6 - C9 26 F4 EC 95 32 80 06
01:52:41: RADIUS: User-Name [1] 7 "cisco"
01:52:41: RADIUS: User-Password [2] 18 *
01:52:41: RADIUS: NAS-Port [5] 6 2
01:52:41: RADIUS: NAS-Port-Id [87] 6 "tty2"
01:52:41: RADIUS: NAS-Port-Type [61] 6 Virtual [5]
01:52:41: RADIUS: Calling-Station-Id [31] 16 "192.193.194.50"
01:52:41: RADIUS: NAS-IP-Address [4] 6 10.95.6.11
01:52:41: RADIUS(00000008): Started 5 sec timeout
Home_Switch#
01:52:46: RADIUS(00000008): Request timed out
01:52:46: RADIUS: Retransmit to (10.95.6.12:1812,1813) for id 1645/6
01:52:46: RADIUS(00000008): Started 5 sec timeout
Home_Switch#
===
Any help will really appreciate.

Duplicate posts.
Go here: http://supportforums.cisco.com/discussion/12154866/radius-authentication-error-across-subnet

No iCloud auto backup since iOS 6 update

I have three iPhone 5's, an iPad 2, & two iPod Touches. None of the iPhones perform an auto backup when plugged in. Two are setup for iCloud backups & one is setup for iTunes backup. Even after a Genius appointment, still no auto backup. With the iCloud backups, I can backup manually successfully, so it's not an issue with corrupt data. With the iTunes backup, the "sync now" button is missing, so I can't even do manual backups.
After updating an iPod Touch that was auto backing up successfully on iOS 5.1.1, it's now not backing up automatically with iOS 6. Again, I can backup manually just fine.
When is Apple going to fix this issue? It works in iOS 5.x, but is broke w/ iOS 6. I see lots of posts about not being able to sync/backup, but I can backup manually. I wish I could revert my iPod back to 5.1.1 & downgrade my iPhones.
I've tried deleting my iCloud backups, turning off iCloud backups, & re-enabling the iCloud auto backup, but the only successful backup are the ones I perform manually. Any other suggestions? Anyone else seeing this issue?

No, I'm on Time Warner Cable.
This issue is strictly an iOS 6 issue and not related to your ISP. I have the same issue with all of my iOS 6 devices that are setup to auto sync/backup to iTunes instead of iCloud which only uses your wi-fi network and not your ISP's connection to the Internet. The backup to iTunes, however, is even more messed up than the backup to iCloud. With iCloud, it at least has the button for backing up now where as the iTunes Wi-Fi backup doesn't have the button and appears to not be enabled.
I had a Genius appointment and the (not) Genius tried to tell me that I hadn't even set it up right. I walked him though the setup with my Mac/iTunes and he gave me his approval that I'd done it correctly. Still no backup from the device. So he claimed it was iTunes so we removed it and re-installed it with no success. Then he tried to tell me it was an issue with my Mac and that I needed to completely re-install OS X. I told him he was an idiot and demonstrated how my iOS 5.1.1. devices backup perfectly and automatically via iTunes and couldn't be an issue with my Mac, OS X 10.7.4, iTunes, or my iPod Touches (3rd & 4th generations) and iPad 2, so the issue HAS to be with iOS 6.
I saw an article saying that Apple is planning an iOS 6.0.1 release in a few weeks, and iOS 6.1 after the holidays. There was no mention of iCloud/iTunes backups being included.

I broke my screen about a month ago and the iPod was fine until yesterday when it turned off and wouldn't turn on and the screen gets slightly lighter help

MY iPod broke help

Try:
- iOS: Not responding or does not turn on
- Also try DFU mode after try recovery mode
How to put iPod touch / iPhone into DFU mode « Karthik's scribblings
- If not successful and you can't fully turn the iOS device fully off, let the battery fully drain. After charging for an least an hour try the above again.
- Try another cable
- Try on another computer
- If still not successful that usually indicates a hardware problem and an appointment at the Genius Bar of an Apple store is in order. I suspect whatever caused the broken screen progressed.
Apple Retail Store - Genius Bar

CVPN3030 and FreeRADIUS - attribute "Framed-IP-Address"

We are authenticating VPN users via a FreeRADIUS server (see www.freeradius.org). This works fine for username/password, but we don't seem to be able to pass RADIUS attributes back to the VPN, or at least not in a way that affects the user's session. I'm focussing on "Framed-IP-Address" (to assign the VPN client a specific IP); if I can get it working for this, I'm sure I can port the method to other attributes.
Ayone out there doing this? With FreeRADIUS?
Thanks!

Hi!
As far as i remember VPN3k don't understand neither "Framed-IP-Address" nor cisco-av-pair.
I've used "Group Lock" feature to specify which ip-pool concentrator should use for authenticated user. It works like specifying "cisco-av-pair=ip:addr-pool" in Radius for usual (ios) NAS.
In your Radius-server you should add "Class" attribute. When user authenticates he moves to a new group which has an associated address pool.
For more detail look at the http://www.cisco.com/en/US/tech/tk59/technologies_configuration_example09186a00800946a2.shtml

ACS Tippingpoint SMS integration

I am configuring Tipping point SMS to authentication users from the Radius ACS, I got the session in the ACS and the error log shows ACS password invalid.
I tried to change the shared secret key and change the SMS type to be Radius IETF and IOS but all trials fail.
Tippingpoint SMS configuration has nothing but change IP - port - shared secret.
I tried also port 1812 - 1645 but both the same.

Moutaz,
I assume you are using acs 4.x software. Are you using network device groups on your ACS configuration, if so then you may want to check the properties of the network device group to make sure there isnt a different shared secret. Remember that the network device group settings always over ride individual settings on the clients themselves.
Thanks,
Tarik

Correct use of Ipod

my ipod shuffle stopped working. I couldn't update or restore.
When in itunes it says "ok to remove your ipod" etc.. is it really ok? Or should I (a) use the menu item to "eject disk" or (b) use the windows "safely remove hardware" feature?
I'm trying to discover why my ipod broke.

Upgrading iOS
   1. How to update your iPhone, iPad, or iPod Touch
   2. iPhone Support
   3. iPod Touch Support
   4. iPad Support
     a. Updating Your iOS to Version 6.0.x from iOS 5
          Tap Settings > General > Software Update
     If an update is available there will be an active Update button. If you are current,
     then you will see a gray screen with a message saying your are up to date.
     b. If you are still using iOS 4 — Updating your device to iOS 5 or later.
     c. Resolving update problems
        1. iOS - Unable to update or restore
        2. iOS- Resolving update and restore alert messages
You can upgrade to iOS 5.1.1.

Wi-fi & Blutooth are grey!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

I downlaod tha last update and now on my ipod touch 3 gen the wifi and the blue tooth are grey.....
I try to reboot and i restore the ipod as a new ...nothing change...
I went to an Apple Center.....
The seller told me that the barrery maybe surcharge and was to hot so maybe the battery burn the wifi part insinde .....
So now he offert me a new '' old'' ipod 3gen for 179$$ or get a new ipod 4 gen and if i want to give them me old one i give me 10% discount....
Any idea how i can verify if the wifi or bluetooth are really broke.

See:
iOS: Wi-Fi or Bluetooth settings grayed out or dim
It is frequently a hardware problem and an appointment a the Genius Bar of an Apple store is in order.

PEAP XPsp1 AP1200 ACS3.1

I can't get this combo working. Any assistance would be great.
ACS 3.1 with certs installed and PEAP / EAP-TLS enabled.
XP laptop with 350 PCMCIA card with newest firmware.
User database is Active Directory (RADIUS works for IOS and PIX okay)
AP1200 with 12.01T1 software.
AP configured for Accept Auth Type = Shared and Network EAP
Require EAP = Shared
What am I missing. Wireless works when all security is removed.
Thanks,
Patrick

Here is a complete debug of a failed client. It looks like it's a problem with ACS but I can't find anything. Any thoughts?
2 days, 20:12:01 (Info): Station 0009b74aa66b Authenticated
Dot1x entry (SLA\RIcenhour,0009b74aa66b) is being deleted(Current Count=1)
2 days, 20:12:01 (Info): Station 0009b74aa66b Associated
Dot1X Authentication Entry (0009b74aa66b) is created (Current Count=2)
RADIUS: Sending EAP-Request/Identity(id=1) packet to client 0009b74aa66b
EAP: Received EAPOL-Start from client 0009b74aa66b
RADIUS: Sending EAP-Request/Identity(id=2) packet to client 0009b74aa66b
EAP: Received EAP-Response/Identity(id=2) packet from client 0009b74aa66b
EAP: Forwarding packet to RADIUS server
RADIUS: Received packet for client 0009b74aa66b
RADIUS: Received Challenge Request
RADIUS: Sending EAP-Request/EAP-LEAP(id=9) packet to client 0009b74aa66b
EAP: Received EAP-Response/Nak(id=9) packet from client 0009b74aa66b
EAP: Forwarding packet to RADIUS server
RADIUS: Received packet for client 0009b74aa66b
RADIUS: Received Challenge Request
RADIUS: Server's state attribute was saved
RADIUS: Sending EAP-Request/EAP-PEAP(id=18) packet to client 0009b74aa66b
EAP: Received EAP-Response/EAP-PEAP(id=18) packet from client 0009b74aa66b
EAP: Forwarding packet to RADIUS server
RADIUS: Received packet for client 0009b74aa66b
RADIUS: Received Challenge Request
RADIUS: Server's state attribute was saved
RADIUS: Appending EAP attribute value of length 255
RADIUS: Appending EAP attribute value of length 255
RADIUS: Appending EAP attribute value of length 255
RADIUS: Sending EAP-code=37/type=101(id=50) packet to client 0009b74aa66b
EAP: Received EAP-Response/EAP-PEAP(id=19) packet from client 0009b74aa66b
EAP: Forwarding packet to RADIUS server
RADIUS: Received packet for client 0009b74aa66b
RADIUS: Received Challenge Request
RADIUS: Server's state attribute was saved
RADIUS: Appending EAP attribute value of length 255
RADIUS: Appending EAP attribute value of length 255
RADIUS: Appending EAP attribute value of length 251
RADIUS: Sending EAP-code=82/type=69(id=86) packet to client 0009b74aa66b
EAP: Received EAP-Response/EAP-PEAP(id=20) packet from client 0009b74aa66b
EAP: Forwarding packet to RADIUS server
RADIUS: Received packet for client 0009b74aa66b
RADIUS: Received Challenge Request
RADIUS: Server's state attribute was saved
RADIUS: Appending EAP attribute value of length 76
RADIUS: Sending EAP-code=0/type=44(id=232) packet to client 0009b74aa66b
EAP: Received EAP-Response/EAP-PEAP(id=21) packet from client 0009b74aa66b
EAP: Forwarding packet to RADIUS server
2 days, 20:12:17 (Warning): No EAP-Authentication response for Station 0009b74aa66b from server 10.1.40.50
Could not get a secondary Server Serving 802.1x function.
2 days, 20:12:17 (Info): Deauthenticating 0009b74aa66b, reason "Previous Authentication No Longer Valid"

I have an iphone 5. I have no idea of the ios version in it. Recently i broke my iphone screen and its showing up nothing. it was never synced to itunes or to any pc. When i tried to connect iphone to itunes in my pc it was asking was passcode which

I have an iphone 5. I have no idea of the ios version in it. Recently i broke my iphone screen and its showing up nothing. it was never synced to itunes or to any pc. When i tried to connect iphone to itunes in my pc it was asking for passcode which i had forgotten ages ago. Suggest me the possible ways to recover my iphone.

Since the screen doesn't work, it will be challenging to get it working, even thru iTunes. You will need to ask yourself if you want to invest more money in it or get a new one, especially since the contents will be lost since you don't know the passcode. Apple will gladly replace the screen for a cost that represents a significant portion of the price of a new. Once the screen is done, you may or may not be eligible for the free iPhone 5 Battery Replacement Program.
Or, if you decide to salvage it and are strong of heart and firm of hand, you can replace the screen yourself for less. See here and note they carry kits with all needed tools and parts.

IOS SSL VPN WITH RADIUS Authorization

Hi
I'm trying to authenitcate and authorize the users loggining into SSLVPN via ACS and although the ACS loggs and "TEST" command on the router shw succeeful authentication i receive the flollowing debug
*Jun 6 22:39:50.157: %SSLVPN-5-SSL_TLS_CONNECT_OK: vw_ctx: UNKNOWN vw_gw: SSLVPN i_vrf: 0 f_vrf: 0 status: SSL/TLS connection successful with remote at 10.0.0.100:4346
Rack1R1(config)#
*Jun 6 22:40:09.409: %SSLVPN-5-SSL_TLS_CONNECT_OK: vw_ctx: UNKNOWN vw_gw: SSLVPN i_vrf: 0 f_vrf: 0 status: SSL/TLS connection successful with remote at 10.0.0.100:4357
Rack1R1(config)#
*Jun 6 22:40:21.409: WV-AAA: AAA authentication request sent for user: "SSLUSER"
*Jun 6 22:40:21.409: RADIUS/ENCODE(00000000):Orig. component type = INVALID
*Jun 6 22:40:21.409: RADIUS/ENCODE(00000000): dropping service type, "radius-server attribute 6 on-for-login-auth" is off
*Jun 6 22:40:21.409: RADIUS(00000000): Config NAS IP: 150.1.1.1
*Jun 6 22:40:21.409: RADIUS(00000000): sending
*Jun 6 22:40:21.409: RADIUS(00000000): Send Access-Request to 10.0.0.100:1645 id 1645/27, len 60
*Jun 6 22:40:21.409: RADIUS: authenticator AC 16 B3 54 46 72 37 05 - 4C 00 19 21 81 97 40 6E
*Jun 6 22:40:21.409: RADIUS: User-Name           [1]   16 "SSLUSER@SSLVPN"
Rack1R1(config)#
*Jun 6 22:40:21.409: RADIUS: User-Password       [2]   18 *
*Jun 6 22:40:21.409: RADIUS: NAS-IP-Address      [4]   6   150.1.1.1
*Jun 6 22:40:21.669: RADIUS: Received from id 1645/27 10.0.0.100:1645, Access-Accept, len 282
*Jun 6 22:40:21.669: RADIUS: authenticator 2D 2C B0 39 89 4C 41 88 - 40 32 E2 09 0D 7F 6B 0C
*Jun 6 22:40:21.669: RADIUS: Framed-IP-Address   [8]   6   255.255.255.255
*Jun 6 22:40:21.669: RADIUS: Vendor, Cisco       [26] 28
*Jun 6 22:40:21.669: RADIUS:   Cisco AVpair       [1]   22 "webvpn:svc-enabled=1"
*Jun 6 22:40:21.669: RADIUS: Vendor, Cisco       [26] 29
*Jun 6 22:40:21.669: RADIUS:   Cisco AVpair       [1]   23 "webvpn:svc-required=1"
*Jun 6 22:40:21.669: RADIUS: Vendor, Cisco       [26] 50
*Jun 6 22:40:21.669: RADIUS:   Cisco AVpair       [1]   44 "webvpn:split-include=6.6.6.0 255.255.255.0"
*Jun 6 22:40:21.669: RADIUS: Vendor, Cisco       [26] 35
*Jun 6 22:40:21.669: RADIUS:   Cisco AVpair       [1]   29 "webvpn:keep-svc-installed=1"
*Jun 6 22:40:21.669: RADIUS: Vendor, Cisco       [26] 31
*Jun 6 22:40:21.669: RADIUS:   Cisco AVpair       [1]   25 "webvpn:addr-pool=SSLVPN"
*Jun 6 22:40:21.669: RADIUS: Vendor, Cisco       [26] 41
*Jun 6 22:40:21.669: RADIUS: Service-Type        [6]   6   Outbound                  [5]
*Jun 6 22:40:21.669: RADIUS: Class               [25] 36
*Jun 6 22:40:21.669: RADIUS:   43 41 43 53 3A 30 2F 34 37 30 2F 39 36 30 31 30 [CACS:0/470/96010]
*Jun 6 22:40:21.669: RADIUS:   31 30 31 2F 53 53 4C 55 53 45 52 40 53 53 4C 56 [101/SSLUSER@SSLV]
*Jun 6 22:40:21.669: RADIUS:   50 4E                                            [PN]
*Jun 6 22:40:21.673: RADIUS(00000000): Received from id 1645/27
*Jun 6 22:40:21.673: RADIUS(00000000): Unique id not in use
Rack1R1(config)#
*Jun 6 22:40:21.673: RADIUS/DECODE(00000000): There is no RADIUS DB Some Radius attributes may not be stored
*Jun 6 22:40:21.673: AAA/AUTHOR (0x0): Pick method list 'RAD'
Rack1R1(config)#
*Jun 6 22:40:23.673: WV-AAA: AAA Authentication Failed!
Rack1R1(config)#
*Jun 6 22:40:24.069: %SSLVPN-5-SSL_TLS_CONNECT_OK: vw_ctx: UNKNOWN vw_gw: SSLVPN i_vrf: 0 f_vrf: 0 status: SSL/TLS connection successful with remote at 10.0.0.100:4359
Rack1R1(config)#
router Configuration
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname Rack1R1
boot-start-marker
boot-end-marker
! card type command needed for slot/vwic-slot 0/1
logging message-counter syslog
enable password cisco
aaa new-model
aaa authentication login RAD group radius
aaa authorization network RAD group radius
aaa session-id common
dot11 syslog
ip source-route
ip cef
no ip domain lookup
ip domain name INE.com
ip host cisco.com 136.1.121.1
ip host www.cisco.com 136.1.121.1
ip host www.google.com 136.1.121.1
ip host www.ripe.net 136.1.121.1
no ipv6 cef
multilink bundle-name authenticated
crypto pki trustpoint TP-self-signed-3354934498
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3354934498
revocation-check none
rsakeypair TP-self-signed-3354934498
crypto pki certificate chain TP-self-signed-3354934498
certificate self-signed 01
30820247 308201B0 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33333534 39333434 3938301E 170D3132 30363036 31333030
32375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 33353439
33343439 3830819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100B1E5 889BEB9A 31DFC0D4 7C7F698F 0F52E404 0849263A BD443A96 13C6A440
DCBD4345 EF301E91 0D4AADD9 3C2A17F2 E26E5E96 90F96809 D8FCCF32 7EB58100
74E4772C 6395E03C 1B7F1AF5 482F861F DD62D079 F9977FE2 0E544E18 5FAAF290
DF665B45 EF10D3EC D924E87A 5F827F07 06DE8961 F361C3FA EDBE5F68 452221C8
B9570203 010001A3 6F306D30 0F060355 1D130101 FF040530 030101FF 301A0603
551D1104 13301182 0F526163 6B315231 2E494E45 2E636F6D 301F0603 551D2304
18301680 140B00B8 FD9B58CF 8A6F51BE 25DEC6C5 85E14495 05301D06 03551D0E
04160414 0B00B8FD 9B58CF8A 6F51BE25 DEC6C585 E1449505 300D0609 2A864886
F70D0101 04050003 81810006 4192E2DB ABAF533E 9C4BF24E DF6BFD45 144A6AE9
C874E311 27B23E7B E8DB18C3 4FFB4ACA 4B09F63E 62501578 D8F58D73 D08F016F
49C99B8D DA1073E5 A141C1C7 505BD191 FC58EA7F 54BD9B98 579E1726 7C1CA619
A45DDABC 8F315EE9 D20A30A8 2BD5D67D B744BD69 353B4670 E5BA4540 47059E60
9DC4C940 E91AACBB 4EAFFA
        quit
username admin privilege 15 password 0 admin
username SSLUSER@SSLVPN password 0 cisco
archive
log config
hidekeys
crypto ipsec client ezvpn EZVPN_CLIENT
connect auto
mode client
xauth userid mode interactive
ip tcp synwait-time 5
interface Loopback0
ip address 150.1.1.1 255.255.255.0
interface Loopback6
ip address 6.6.6.6 255.255.255.0
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
interface FastEthernet0/1
no ip address
duplex auto
speed auto
interface FastEthernet0/1.11
encapsulation dot1Q 12
ip address 136.1.11.1 255.255.255.0
interface FastEthernet0/1.121
encapsulation dot1Q 121
ip address 136.1.121.1 255.255.255.0
interface FastEthernet0/0/0
interface FastEthernet0/0/1
interface FastEthernet0/0/2
interface FastEthernet0/0/3
interface Virtual-Template1 type tunnel
no ip address
tunnel mode ipsec ipv4
interface Vlan1
no ip address
router rip
version 2
passive-interface FastEthernet0/1.11
network 136.1.0.0
network 150.1.0.0
no auto-summary
ip local pool SSLVPN 40.0.0.1 40.0.0.254
ip forward-protocol nd
ip route 10.0.0.0 255.255.255.0 136.1.121.12
ip http server
ip http secure-server
ip dns server
ip access-list extended SPLIT
permit ip 136.1.11.0 0.0.0.255 10.0.0.0 0.0.0.255
ip radius source-interface Loopback0
radius-server host 10.0.0.100 auth-port 1645 acct-port 1646 key CISCO
control-plane
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
line vty 0 4
password cisco
scheduler allocate 20000 1000
webvpn gateway SSLVPN
ip interface Loopback0 port 443
http-redirect port 80
ssl encryption rc4-md5
ssl trustpoint TP-self-signed-3354934498
logging enable
inservice
webvpn install svc flash:/webvpn/anyconnect-win-2.5.3055-k9.pkg sequence 1
webvpn context SSLVPN
title "**SSLVPN **"
ssl encryption rc4-md5
ssl authenticate verify all
aaa authentication list RAD
aaa authentication domain @SSLVPN
aaa authorization list RAD
gateway SSLVPN
inservice
end
Any Idea?

Hi,
As I understand , you need to know if you can assign static ip to a user and also is there any other way of assiging a ip other than local pool.
There are three ways of assinging an ip address to VPN client: using local pool, AAA server,DHCP.
You can use the following link for more information:-
Assigning static ip for user present locally on ASA:-
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080a7afb2.shtml
For user present on Active Directory:-
http://technet.microsoft.com/en-us/library/cc786213%28WS.10%29.aspx
The following is the link for assigning ip address using DHCP:-
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080a66bc6.shtml
I hope it helps.
Thanks,
Shilpa

My PC broke down, is it possible to still upgrade the ios without loosing everything on the phone?

Hello,
My PC broke down. So my old Itunes (mp3s) and what not are now only on my phone and not my pc. Im affraid that if i try to upgrade my phone i will losse everything on the phone, music,photos and all that.
Is there some way to "restore" itunes from the phone?
I really want to upgrade my ios but im affraid to loose everything (loosing the music is not the end of the world, but everything else like contacts, photos and that stuff i really dont want to loose.)
Any help or tricks to avoid this would be really great.
Thank you.

What you need to do is access your backup of your computer and restore it on a new computer.
Other than that you can buy a program for the computer that copies files from the iPhone to your computer. Use google to search.

Radius broke my IOS?

Similar Messages

Maybe you are looking for