radius for cisco management

Phil Mayers p.mayers at imperial.ac.uk
Mon Oct 8 23:40:34 CEST 2007

On Mon, 2007-10-08 at 17:00 -0300, German Garay wrote:
> Hi
>        I want to do per user command authorization in a cisco network
> to replace a tacacs+ server. But I can´t find a how to in a page, can
> you send me the link? 

Can't be done.

The best you can do is use Radius to assign a privilege level, and bind
the commands to a privilege, but you cannot do per-command auth. That's
a TACACS-only feature.



More information about the Freeradius-Users mailing list