Could you add this to the wiki ?
http://wiki.freeradius.org/Cisco
Done.
I myself don't use any Cisco kit, but the situation is much the same
with HP Procurve Switches.
On all but the most expensive switches TACACS+ is the only way to define
command lists, on all the others your
either a
Hi Stefan,
It may be primarily Cisco that pushes TACACS+ because ACS is a much
better TACACS+ server than it is a RADIUS server. However, there are
many vendors that offer some degree of support for TACACS+ just to
avoid one of the barriers to entering the many Cisco only networks.
:-)
Rgds,
Stefan Winter wrote:
Hi all,
there are inquiries every once in a while here about how to enable command
authorization for Cisco devices in a Cisco-AVPair. The usual answer is: find
out if the NAS has an attribute for it.
Now I'm myself trying to get rid of a haunting daemon, the tac_plus
Hi all,
there are inquiries every once in a while here about how to enable command
authorization for Cisco devices in a Cisco-AVPair. The usual answer is: find
out if the NAS has an attribute for it.
Now I'm myself trying to get rid of a haunting daemon, the tac_plus daemon,
and so I
There are settings in the Cisco IOS that will
allow you to authenticate an administrator through
a freeradius server
Lim Han Shyong wrote:
Hi all:
I would like use freeradius to authenticate telnet service
into cisco. Its work after setup. So now my further questions are .
1. How i
Hi
all: I would like use freeradius to
authenticate telnet service intocisco. Its work after setup. So now my
further questionsare .
1. How i configure
the command authorization with freeradius? which mean i only allow user to enter
certain command during the telnet session.
2. How i build
To: Free-Radius (E-mail)
Subject: Cisco Command
authorization
Hi all:
I would like use freeradius to authenticate
telnet service intocisco. Its work after setup. So now my further
questionsare .
1. How i configure the command authorization with
freeradius? which mean i only allow user
48
PMTo: [EMAIL PROTECTED]Subject: RE:
Cisco Command authorization
1.
To do thi is not
trivial. It will require you to put all the commands that you want the users
to execute in a custom command level on the cisco router. For example you can
think of all the allowed commands an
Hi,
I'm currently investigating freeradius in order to migrate from tacacs+
to radius.
I got pretty much authentication and accounting to do what I want.
But I cannot figure out what's wrong with the command authorization.
Config seems good but nothing is sent to RADIUS server.
Here's router
It would probably help [grin] if you sent the radiusd -x output instead of the Cisco
debug output - this list does not normally perform vendor specific troubleshooting (
but if someone on the list has seen the specific type of problem they usually
respond)
Gary N. McKinney
Network
10 matches
Mail list logo