radius for cisco management
Phil Mayers
p.mayers at imperial.ac.uk
Mon Oct 8 23:40:34 CEST 2007
On Mon, 2007-10-08 at 17:00 -0300, German Garay wrote:
> Hi
> I want to do per user command authorization in a cisco network
> to replace a tacacs+ server. But I can´t find a how to in a page, can
> you send me the link?
Can't be done.
The best you can do is use Radius to assign a privilege level, and bind
the commands to a privilege, but you cannot do per-command auth. That's
a TACACS-only feature.
See:
http://marc.info/?l=cisco-nsp&m=118188387413537&w=2
More information about the Freeradius-Users
mailing list