Packet Tracer 7.1.1 tutorial - Radius configuration

3.375 1 1 1 1 1 Rating 3.38 (24 Votes)

Learning RADIUS : recommended books

Coming soon

Configure telnet authentication on a Cisco 2811 router

Telnet authentication lab description

This Packet Tracer tutorial describes how to configure RADIUS authentication on a CiscoTM 2811 router to secure telnet access. The RADIUS server is hosted as a service on a Server-PT device. Radius client password has to be configured on the AAA tab of the Server-PT device.

Router R1 :

  • FastEthernet 0/0 : 192.168.1.1/24
  • FastEthernet 0/1 : 192.168.2.1/24

RADIUS Server : 192.168.1.2/24

Client (Laptop0) : 192.168.2.1/24

 

Packet Tracer 5.3 - Router radius authentication

Configuration steps

IOS configuration on R1

aaa new-model The first command, aaa new-model, tells the router that you are using either TACACS+ or RADIUS for authentication.
radius-server host 192.168.1.2 key p@ssword Tells the router the IP address of the RADIUS server and the shared secret.
aaa authentication login default group radius local The aaa authentication command is used to start RADIUS authentication on the router as a defaul method for login.

line vty 0 15

login authentication default

Configuration of the vty interfaces for login

 

 

Configure WPA entreprise on a Linksys access point

WPA enterprise lab description

This tutorial describes how to configure WPA entreprise WIFI authentication on a LinksysTM WRT300N wireless router in Packet Tracer 7.1.1

Linksys WRT300N : 192.168.1.1/24

RADIUS Server : 192.168.1.2/24

Laptop : 192.168.1.3/24

Tip : For security reasons, it is highly recommended to secure the RADIUS server behind a router (using ACL) or a firewall in production networks.

 

Packet Tracer 5.3 - WPA entreprise configuration

Packet Tracer 5.3 - Radius server configuration

 

Configuration steps

  1. Add a Linksys AP and configure it's IP address to 192.168.1.1 (netmask 255.255.255.0)
  2. Add a Server-PT device and configure it's IP address to 192.168.1.2 (netmask 255.255.255.0)
  3. On the Server configuration page, configure the AAA Service with the following settings :
    1. Client Name : Linksys (Chose a name. Doesn't need to match AP name)
    2. Client IP : IP address of the Linksys AP
    3. Client password : A shared secret with the AP (here : deltapassword)
    4. Create a new user (name : user1 - Password : test)
  4. Configure the wireless settings of the Linksys AP like in the screenshot above (WPA TKIP / Radius server IP / Shared secret)
  5. Add a laptop device and configure it with a PT-LAPTOP-NM-1W module (Drag and drop to replaces the original ethernet module)
  6. Configure the wireless settings of the laptop like in the screenshot above (WPA TKIP / User ID, Password)
  7. The connection should establish between the laptop and the AP.