migrate from Cisco ACS

Alan DeKok aland at nitros9.org
Mon Jul 17 17:57:56 CEST 2006


Rob Shepherd <rob at techniumcast.com> wrote:
> Please could anybody point me at a ref for migrating from Cisco ACS server.

  There's no real documentation for that specific purpose.

> I'd specifically like to understand how I can get FreeRADIUS to reply to 
> my switches, firewalls, VPN and wireless controller with the 
> right/appropriate data.

  See the documentation for how to look for attributes in the request,
and respond with other attributes.

> For example, if, on the current ACS server, I set the host where 
> 'radtest' lives to...
> 
> "authenticate using" -> "RADIUS (Cisco aironet)",
> 
> ...I get back the correct wireless vlan info. If I then set it to 
> authenticate using "RADIUS (VPN 3000)", I don't get back the vlan info 
> but the Cisco-AVPair = "shell:priv-lvl=15" response is present.

  You will have to configure the "users" file to send these responses.
Use the existing responses ACS sends as the template for the
FreeRADIUS responses.

  Unlike ACS, FreeRADIUS doesn't have a magic GUI that sets all of
these values on your behalf.  You have to do much of that yourself.

  Alan DeKok.
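
An added example, not part of the original message: a "users" file fragment that checks an attribute in the request and replies with the per-device data described in the thread. The NAS addresses, the VLAN ID, the user name "netadmin" and the choice of tunnel attributes for the VLAN reply are assumptions; take the real attributes and values from the replies ACS currently sends.

```text
# FreeRADIUS "users" file fragment (added example, constructed values).
# First line of an entry: name plus check items matched against the request.
# Indented lines: reply items, comma-separated, no comma after the last one.
# Place these entries above the entries that carry each user's password;
# Fall-Through = Yes keeps processing so those later entries still apply.

# Requests arriving from the wireless controller (assumed 192.0.2.10):
# reply with VLAN assignment. The tunnel attributes are an assumption about
# what "wireless vlan info" means; mirror what ACS actually returns.
DEFAULT NAS-IP-Address == 192.0.2.10
        Tunnel-Type = VLAN,
        Tunnel-Medium-Type = IEEE-802,
        Tunnel-Private-Group-Id = "20",
        Fall-Through = Yes

# Requests arriving from the VPN concentrator (assumed 192.0.2.20):
# no VLAN info, privilege level instead. The entry is keyed on one
# hypothetical administrative user rather than DEFAULT, so priv-lvl=15
# is returned only for that account and only on this device.
netadmin NAS-IP-Address == 192.0.2.20
        Cisco-AVPair = "shell:priv-lvl=15",
        Fall-Through = Yes
```

Running radtest against both servers with the same NAS address and comparing the returned attributes shows whether each device class gets only the reply items intended for it.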



