Freeradius privilege separation

Michał Dopierała michu162 at gmail.com
Thu May 13 15:23:37 CEST 2010


Hi!

It is possible in freeradius to have one user who has full privilege level
to one equipment (one cisco router privilege lvl15), and limited privilege
level to other equipment (other router with smaller privilege e.g. lvl10
which will be configured on router)?
How to separate it?
My current configuration of users:

 mdopierala      Auth-Type := PAP, Crypt-Password = "passwrd"
                Service-Type = "Administrative-User",
                Cisco-AVPair="shell:priv-lvl=15",
                Brocade-Auth-Role ="Administrator"

and part of clienf.conf

client 192.168.1.1 {
        secret = community
        shortname = router1
}
client 192.168.1.2 {
        secret = community
        shortname = router2
}


I'm waiting for response
Michal Dopierala
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100513/377fa51e/attachment.html>


More information about the Freeradius-Users mailing list