Friday, August 6, 2021

Regarding RADIUS/TACACS servers, do you lock down clients (i.e. routers and switches) by IP addressing and specific or shared keys?

Seeing this at my new job, every network device is configured with specific RADIUS servers for authentication/accounting; however, some devices have unique shared keys, and each switch or device has to be statically defined as a client in the NPS server. My previous job did that for wireless controllers, but for IOS devices they all just worked with the same templated config. How are other industries doing this? Ideally, I want to get to an automated config deployment, and while this can certainly be a variable, it just seems cumbersome to get another team involved in every switch addition/removal. I really can't even change RADIUS source interfaces if I needed to without a ticket to the NPS team. What would you consider best practice on this?
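As an added illustration (not part of the original post, and not code from any NPS or IOS product) of how the per-device-client, per-device-key model can be kept while still being generated from an inventory rather than hand-built: the script below takes a constructed device list, mints one random shared secret per device, renders the IOS-side `radius server` / `aaa group` stanzas and the matching NPS client line, checks that no secret or client address is reused, and flags NPS clients that no longer exist in the inventory (the add/remove lifecycle problem raised above). The NPS server addresses, the `netsh nps add client` syntax and the `secrets_store` handoff are assumptions to be checked against your own environment.

```python
import csv
import io
import ipaddress
import secrets

# Constructed sample inventory (not from the post): one device per line.
INVENTORY_CSV = """name,mgmt_ip,source_interface
core-sw-01,10.10.0.11,Vlan10
edge-sw-02,10.10.0.12,Vlan10
wlc-01,10.10.0.50,
"""

# Assumed NPS server addresses for the example.
RADIUS_SERVERS = ["10.20.0.5", "10.20.0.6"]


def load_inventory(text):
    """Parse the inventory CSV and validate every management address."""
    rows = list(csv.DictReader(io.StringIO(text)))
    for r in rows:
        ipaddress.ip_address(r["mgmt_ip"])  # raises ValueError on a bad address
    return rows


def new_secret(nbytes=24):
    """One random, URL-safe shared secret per device; never reused."""
    return secrets.token_urlsafe(nbytes)


def build_plan(rows, secret_fn=new_secret):
    """Pair each inventory row with a freshly generated secret."""
    return [
        {
            "name": r["name"],
            "ip": r["mgmt_ip"],
            "source_interface": r.get("source_interface") or None,
            "secret": secret_fn(),
        }
        for r in rows
    ]


def check_unique(plan):
    """True only if no secret and no client address appears twice."""
    secrets_seen = {p["secret"] for p in plan}
    ips_seen = {p["ip"] for p in plan}
    return len(secrets_seen) == len(plan) and len(ips_seen) == len(plan)


def render_ios(entry, servers=RADIUS_SERVERS):
    """IOS config for one device: named servers, a server group, optional source interface."""
    lines = []
    for i, srv in enumerate(servers, 1):
        lines += [
            f"radius server NPS-{i}",
            f" address ipv4 {srv} auth-port 1812 acct-port 1813",
            f" key {entry['secret']}",  # hand this block to the device via your secrets store, not email
        ]
    lines.append("aaa group server radius NPS-GROUP")
    lines += [f" server name NPS-{i}" for i in range(1, len(servers) + 1)]
    if entry["source_interface"]:
        # Source interface must match the client address registered on NPS.
        lines.append(f"ip radius source-interface {entry['source_interface']}")
    return "\n".join(lines) + "\n"


def render_nps(entry):
    """Matching NPS client entry (netsh syntax assumed; verify on your NPS version)."""
    return (
        f'netsh nps add client name="{entry["name"]}" address="{entry["ip"]}" '
        f'state="ENABLE" sharedsecret="{entry["secret"]}"'
    )


def find_stale_clients(nps_client_names, rows):
    """NPS clients with no matching inventory device: candidates for removal."""
    live = {r["name"] for r in rows}
    return sorted(n for n in nps_client_names if n not in live)


if __name__ == "__main__":
    inventory = load_inventory(INVENTORY_CSV)
    plan = build_plan(inventory)
    assert check_unique(plan)
    for entry in plan:
        print(render_ios(entry))
        print(render_nps(entry), "\n")
    print("stale:", find_stale_clients(["core-sw-01", "old-sw-99"], inventory))
```

Because both halves are rendered from the same inventory row, the device template and the NPS client definition cannot drift apart, and the NPS team only has to review a generated change rather than hand-enter each client; the stale-client check gives the removal side of the process a concrete artifact to act on.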
