freeradius cisco-avpair problem

Matthias Wolf matthias.wolf at
Tue Jul 19 11:43:25 CEST 2005


I have y problem with the cisco-avpairs and a 525 cisco pix. After the pix
has gotten the avpairs and created the access-list (e.g. AAA-user-test), the
logging-table says that he needs an authorization. But radius and
authorization? No really!
Here is the line from the logging-table: "Authorization denied (acl=
AAA-user-test) for user 'test' from to xx.xx.xx.xx/53 on
interface inside".
My avpair looks like: "ip:inacl#1=permit tcp host any ".

Where is my mistake? Either on the pix or at my kind of avpairs?

Muchas gracias, Matthias Wolf  

More information about the Freeradius-Users mailing list