R: log on device directly in "priviledged mode"
Molteni Davide
D.Molteni at ntsitalia.com
Wed Apr 11 16:49:09 CEST 2007
-----Messaggio originale-----
Da: freeradius-users-bounces+d.molteni=ntsitalia.com at lists.freeradius.org per conto di Alexander Papenburg
Inviato: mer 11/04/2007 15.41
A: FreeRadius users mailing list
Oggetto: Re: log on device directly in "priviledged mode"
Molteni Davide wrote:
>
> Finally I successfully managed to log into the cisco switch (thanks to
> your help) using freeradius.
> Now I want that the radius users can directly enter into enable mode
> of the cisco device. I set this in the users file
>
> test Auth-Type := Local, User-Password == "test"
> Cisco-AVPair = "shell:priv-lvl=15"
>
> but it doesn't work, the user "test" log into the cisco as unpriviledged.
>
> Is there something missing in the config?
>
> ------------------------------------------------------------------------
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
you need something like that in your switch config:
aaa authorization exec default group [YOURSERVERGROUPHERE] local
I have tried but with the line you suggested Authorization fails and device won't let me in
-------------- next part --------------
A non-text attachment was scrubbed...
Name: winmail.dat
Type: application/ms-tnef
Size: 3420 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20070411/cca15df8/attachment.bin>
More information about the Freeradius-Users
mailing list