Using FreeRadius to coordinate access to cisco routers based on time
Frank Cui
ycui at outlook.com
Fri May 23 18:41:55 CEST 2014
> > However, this doesn't really provide any timing or grouping policy.> > Could you please provide some hints on how typically the timing limits
> > are enforced with the freeradius and cisco terminal server?
>
> Time limits are set with the Session-Timeout attribute.
Thanks for the reply.
I have tested to change the user config file to be :
cisco Auth-Type := System Service-Type = NAS-Prompt-User, Cisco-AVPair = "shell:priv-lvl=15", Session-Timeout = 20
But it doesn't seem to resolve the problem, not sure if the Cisco terminal server requires any special configs other than the following :
aaa new-modelaaa authentication login default group radius local noneaaa authorization exec default group radius if-authenticated aaa accounting exec default start-stop group radiusaaa accounting network default start-stop group radiusaaa accounting connection default start-stop group radius
ThanksFrank
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140523/2c7ea635/attachment.html>
More information about the Freeradius-Users
mailing list