Hi, > Hello everyone, > I have a scenario that is configured to access active Linux, Cisco and > Enterasys for when using Cisco VPN can not authenticate in assets. Only > works when it is turned off Filter-ID == "Enterasys: version = 1: mgmt = > rw ". Is there any way to configure and access the assets? > > Follow the example set : > > FreeRADIUS Version 2.0.4 > > example_user�� Auth-Type := LDAP > �������������������� Service-Type = Shell-User, > ��������������������� Cisco-AVPair = "shell:priv-lvl=15", > ��������������������� Cisco-AVPair = "shell:cmd*", > ������������������ Filter-ID == "Enterasys:version=1:mgmt=rw"
easy way no.1: create another users entry with a fall-through allowed which basically requires the Cisco kit as a NAS-IP-Address eg example_user Auth-Type := LDAP, NAS-IP-Address == xxx.xxx.xxx.xxx Service-Type = Shell-User, Cisco-AVPair = "shell:priv-lvl=15", Cisco-AVPair = "shell:cmd*", where xxx.xxx.xxx.xxx is the NAS-IP-Address of your cisco kit. if you want a basic easy way no.2 , then dont use NAS-IP-Address, use a huntgroup and define your cisco NAS kit in the huntgroups instead (easy way to have lots of IP addresses for those devices) alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
