Could you add this to the wiki ?
http://wiki.freeradius.org/Cisco
Done.
I myself don't use any Cisco kit, but the situation is much the same
with HP Procurve Switches.
On all but the most expensive switches TACACS+ is the only way to define
command lists, on all the others your
either a
Hi Stefan,
It may be primarily Cisco that pushes TACACS+ because ACS is a much
better TACACS+ server than it is a RADIUS server. However, there are
many vendors that offer some degree of support for TACACS+ just to
avoid one of the barriers to entering the many Cisco only networks.
:-)
Rgds,
Stefan Winter wrote:
Hi all,
there are inquiries every once in a while here about how to enable command
authorization for Cisco devices in a Cisco-AVPair. The usual answer is: find
out if the NAS has an attribute for it.
Now I'm myself trying to get rid of a haunting daemon, the tac_plus
There are settings in the Cisco IOS that will
allow you to authenticate an administrator through
a freeradius server
Lim Han Shyong wrote:
Hi all:
I would like use freeradius to authenticate telnet service
into cisco. Its work after setup. So now my further questions are .
1. How i
1.
To do thi is not trivial. It will require
you to put all the commands that you want the users to execute in a custom
command level on the cisco router. For example you can think of all the allowed
commands and put them in level 5.
Once you do that, you can now use radius
to authorize
48
PMTo: [EMAIL PROTECTED]Subject: RE:
Cisco Command authorization
1.
To do thi is not
trivial. It will require you to put all the commands that you want the users
to execute in a custom command level on the cisco router. For example you can
think of all the allowed commands an
It would probably help [grin] if you sent the radiusd -x output instead of the Cisco
debug output - this list does not normally perform vendor specific troubleshooting (
but if someone on the list has seen the specific type of problem they usually
respond)
Gary N. McKinney
Network
7 matches
Mail list logo