HI, I have a network switch that I'm trying to configure to allow Console port authentication via RADIUS.
In the documentation of the switch it says: "To provide each user with appropriate levels of access to the switch, set the following username attributes on your RADIUS server: - R/W access -- Set the Service-Type field value to Administrative - Read-Only -- set the Service-Type field value to NAS-Prompt" So, in my users file, I have defined a user: "testuser" NAS-IP-Address == "172.16.8.30", Cleartext-Password := "testing", Service-Type =="Administrative-User" When I run in debug mode, I get the following in my log, which implies to me that the user is successfully authorized and the Access-Accept message is being sent back. Mon Apr 23 14:38:15 2007 : Debug: rlm_pap: login attempt with password testing Mon Apr 23 14:38:15 2007 : Debug: rlm_pap: Using clear text password "testing". Mon Apr 23 14:38:15 2007 : Debug: rlm_pap: User authenticated succesfully Mon Apr 23 14:38:15 2007 : Debug: modsingle[authenticate]: returned from pap (rlm_pap) for request 0 Mon Apr 23 14:38:15 2007 : Debug: modcall[authenticate]: module "pap" returns ok for request 0 Mon Apr 23 14:38:15 2007 : Debug: modcall: leaving group PAP (returns ok) for request 0 Sending Access-Accept of id 16 to 172.16.8.30 port 2048 However, when I run a packet capture, I see that no Radius attributes are being passed back to the NAS device. Shouldn't I be seeing the Administrative-User attribute? Thanks Matt [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html