Hi ashish,
First of all, WHY you will need such a setup?
Afaik, cisco will send a request to radius for user '$enable15$' whenever someone tries to "enable".
Run freeradius in debug mode (radiusd -X) and then login as one of your users. Type "enable" and the cisco will
send a request to the radiusd. From the debugging session, save that request.
Logout, login on cisco as another username. Type "enable" and the same password. From the debugging radius session,
save the new request.
If you see any relevant differences between the two requests, you may be able to make freeradius do what you want.
If the requests are the same, you realize there is no way to figure out the user behind each request.
Best regards,
Claudiu Filip
Http://www.globtel.ro
T:+40344880100
F:+40344880113
Thursday, July 19, 2007, 7:51:30 PM, you wrote:
|
> |
I dont want the user to go directly in priv mode. through priv level = 15 we direclty get into priv level right. what i am looking for is first the user get into user level and then with another password in level 2. (not with enable password)..it should be through RADIUS server. Ashish |
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
