Cisco and Enterasys not active access to Authenticated User

Alan Buxey A.L.M.Buxey at
Fri Mar 18 14:47:32 CET 2011

>    Hello everyone,
>    I have a scenario that is configured to access active Linux, Cisco and
>    Enterasys for when using Cisco VPN can not authenticate in assets. Only
>    works when it is turned off Filter-ID == "Enterasys: version = 1: mgmt =
>    rw ". Is there any way to configure and access the assets?
>    Follow the example set :
>    FreeRADIUS Version 2.0.4
>    example_user�� Auth-Type := LDAP
>    �������������������� Service-Type = Shell-User,
>    ��������������������� Cisco-AVPair = "shell:priv-lvl=15",
>    ��������������������� Cisco-AVPair = "shell:cmd*",
>    ������������������ Filter-ID == "Enterasys:version=1:mgmt=rw"

easy way no.1:  create another users entry with a fall-through
allowed which basically requires the Cisco kit as a NAS-IP-Address eg

example_user Auth-Type := LDAP, NAS-IP-Address ==
Service-Type = Shell-User,
Cisco-AVPair = "shell:priv-lvl=15",
Cisco-AVPair = "shell:cmd*",

where is the NAS-IP-Address of your cisco kit.

if you want a basic easy way no.2 , then dont use NAS-IP-Address,
use a huntgroup and define your cisco NAS kit in the huntgroups instead
(easy way to have lots of IP addresses for those devices)


More information about the Freeradius-Users mailing list