Molteni Davide wrote: > > -----Messaggio originale----- > Da: [EMAIL PROTECTED] per conto di Alexander Papenburg > Inviato: mer 11/04/2007 15.41 > A: FreeRadius users mailing list > Oggetto: Re: log on device directly in "priviledged mode" > > Molteni Davide wrote: > >> Finally I successfully managed to log into the cisco switch (thanks to >> your help) using freeradius. >> Now I want that the radius users can directly enter into enable mode >> of the cisco device. I set this in the users file >> >> test Auth-Type := Local, User-Password == "test" >> Cisco-AVPair = "shell:priv-lvl=15" >> >> but it doesn't work, the user "test" log into the cisco as unpriviledged. >> >> Is there something missing in the config? >> >> ------------------------------------------------------------------------ >> >> - >> List info/subscribe/unsubscribe? See >> http://www.freeradius.org/list/users.html >> > > Hi, > > you need something like that in your switch config: > > aaa authorization exec default group [YOURSERVERGROUPHERE] local > > > I have tried but with the line you suggested Authorization fails and device > won't let me in >
Oh I am sorry, seems like this will work only on cisco router, for switches you need tacacs for exec mode. cisconfusion %) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html