Using FreeRadius to coordinate access to cisco routers based on time

Frank Cui ycui at
Fri May 23 18:41:55 CEST 2014

> > However, this doesn't really provide any timing or grouping policy.> > Could you please provide some hints on how typically the timing limits
> > are enforced with the freeradius and cisco terminal server?
>   Time limits are set with the Session-Timeout attribute.
Thanks for the reply.
I have tested to change the user config file to be :
cisco Auth-Type := System      Service-Type = NAS-Prompt-User,      Cisco-AVPair = "shell:priv-lvl=15",      Session-Timeout = 20
But it doesn't seem to resolve the problem, not sure if the Cisco terminal server requires any special configs other than the following :
aaa new-modelaaa authentication login default group radius local noneaaa authorization exec default group radius if-authenticated aaa accounting exec default start-stop group radiusaaa accounting network default start-stop group radiusaaa accounting connection default start-stop group radius
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Freeradius-Users mailing list