Privileged Login on CISCO using freeradius and MySQL [Virus checked]

thomas.pudil at thomas.pudil at
Thu May 11 12:03:24 CEST 2006

Hi Alan,

>> So the Cisco DOES receive the attributes in the reply packet, but
>> ignores them??
>what does your CISCO IOS config look like for radius ? It appears that you
>only have the authentication line and not the authorization
>aaa new-model
>aaa authentication login default radius local
>aaa authorization exec default radius local

Shame on me!! Seems I dont really understand how Cisco handles all this
Authorization/Authentication :-((

Adding the "authorization"-line as you suggested did the job!
(I assumed this would not be necessary since the Reply attribute would
automatically put the user in privileged mode...)

Thanks a lot for your help!


More information about the Freeradius-Users mailing list