Netscreen and Freeradius.
Maqbool Hashim
maqbool.hashim at sohonet.co.uk
Tue Aug 23 10:46:56 CEST 2005
Hi,
Has anyone used Radius for authentication with the Netscreens? It works
fine, however there is one problem. Root-Admin for Radius
authentication is no longer supported. This is the value of the
NS-Admin-Privilege attribute in the Netscreen dictionary file which
gives full access to the user. Consequently you have to use
All-VSYS-Root-Admin which gives read-write access to the user, but
disables some vital functions. One of which is tftping software and
config on and off the device. Is anyone aware of any other limitations
for All-VSYS-Root-Admin users?
I'm posting this in the hope that other people have come across this
issue and found a workaround.
Hoping for the best,
Maqbool Hashim
More information about the Freeradius-Users
mailing list