Nexus Configurations

David Mitchell mitchell at ucar.edu
Wed May 4 16:14:00 CEST 2011


On May 4, 2011, at 4:48 AM, Darren Shaw wrote:

> Good Morning
>  
> I am new to this forum and to the workings of FreeRadius and I have a query around the Cisco Nexus family.
>  
> Currently we have all our switches and routers authentication to FreeRadius and all seems to be working. The problem comes when I want to authenticate my Nexus 7K and 5K’s.  The 7Ks and 5Ks will authenticated me but the Nexus puts me in an operator role and not in an administrator’s role.
>  
> According to Cisco I have to place the following into
>  
> /usr/local/etc/raddb/sites-available/default
>  
> Cisco-AVPair = "shell:roles=\"network-operator vdc-admin\""
> Cisco-AVPair = "shell:roles*\"network-operator vdc-admin\""
> Cisco-AVPair = "shell:roles=\"network-admin vdc-admin\""
> Cisco-AVPair = "shell:roles*\"network-admin\""

This is what I'm adding to the replies for Nexus 5K's. I don't have any 7K's but I'd be surprised if
they were any different. I have not tried to send two roles so I can't confirm the syntax for that.

        Cisco-AVPair += "shell:roles=network-admin",
        Service-Type := Administrative-User,

-David Mitchell

>  
>  
> The current service type is = Administrative –User
>  
> I have tried each AVPair and nothing works. Has anyone else had this issue?
>  
> If anyone has any advice I would be really grateful.
>  
> Thanks
>  
>  
>  
> Rgds
> Darren Shaw
> The Network Team
> Computing Services
> University of Huddersfield
> Queensgate
> Huddersfield
> HD1 3DH
>  
> TEL: 01484 471317
> MOBILE: 07792 773807
>  
>  
> 
>   ________________________________  
> 
> ---
> This transmission is confidential and may be legally privileged. If you receive it in error, please notify us immediately by e-mail and remove it from your system. If the content of this e-mail does not relate to the business of the University of Huddersfield, then we do not endorse it and will accept no liability.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

-----------------------------------------------------------------
| David Mitchell (mitchell at ucar.edu)       Network Engineer IV  |
| Tel: (303) 497-1845                      National Center for  |
| FAX: (303) 497-1818                      Atmospheric Research |
-----------------------------------------------------------------







More information about the Freeradius-Users mailing list