Hi,
I have this log in my Cisco :
1d00h: RADIUS: Initial Transmit tty2 id 35 192.168.1.53:1812,
Access-Request, len 108
1d00h: Attribute 4 6 C0A802EB
1d00h: Attribute 5 6 00000002
1d00h: Attribute 26 12 0000000902067474
1d00h: Attribute 61 6 00000005
1d00h: Attribute 1 26 6A65726F
1d00h: Attribute 31 14 3139322E
1d00h: Attribute 2 18 76FB9BAF
1d00h: RADIUS: Received from id 35 192.168.1.53:1812, Access-Accept, len
51
1d00h: Attribute 6 6 00000001
1d00h: Attribute 26 25 0000000901137368
1d00h: RADIUS: saved authorization data for user 702D5C at 543938
In Access-Accept, I have two attributes :
6 6 -> service-type = administrative_user
26 25 -> vendor specific attribute = ?
What represents the value 25 for the VSA ?
I want that an user can log on Cisco directly in enable mode :
my switch config is correct ?
aaa new-model
aaa authentication login stage group radius local
aaa authorization exec stage group radius if-authenticated
radius-server host XXXXXXXXX auth-port 1812 acct-port 1813 timeout 3
retransmit 6 key XXXXX
radius-server vsa send authentication
!
line con 0
transport input none
stopbits 1
line vty 0 4
password XXXX
login authentication stage
Thanks
Philippe
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
