Am Dienstag, 20. September 2005 20:13 schrieb Ryan Sharpe: > Hello all, > > I'm having a problem getting users to default to the right privilege > level. > > aaa authentication login default group radius local > aaa authorization exec default group radius local > radius-server host xx.20.xx.xx auth-port 1645 acct-port 1646 > radius-server key 7 xxxxxxxxxxxx > privilege exec level 2 enable > > DEFAULT Group == "radiusfull", Auth-Type = System > CiscoAVPair = "shell:priv-lvl=2", > Fall-Through = No > DEFAULT Group == "radiusview", Auth-Type = System > CiscoAVPair = "shell:priv-lvl=1", > Fall-Through = No ... > I also did a packet capture of the communication between > the two devices and I did no see any of the AVPairs in the packet data. > If someone could help and enlighten me that would be great. THANKS!
Maybe you should use "Cisco-AVPair" instead of "CiscoAVPair"? Or is "CiscoAVPair" in one of your dictionaries? --Gerald - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html