Privileged Login on CISCO using freeradius and MySQL [Virus checked]
thomas.pudil at t-mobile.at
thomas.pudil at t-mobile.at
Thu May 11 12:03:24 CEST 2006
Hi Alan,
>> So the Cisco DOES receive the attributes in the reply packet, but
obviously
>> ignores them??
>
>what does your CISCO IOS config look like for radius ? It appears that you
may
>only have the authentication line and not the authorization line...eg
>
>aaa new-model
>aaa authentication login default radius local
>aaa authorization exec default radius local
Shame on me!! Seems I dont really understand how Cisco handles all this
Authorization/Authentication :-((
Adding the "authorization"-line as you suggested did the job!
(I assumed this would not be necessary since the Reply attribute would
automatically put the user in privileged mode...)
Thanks a lot for your help!
thomas
More information about the Freeradius-Users
mailing list