APC (UPS) RADIUS authentication with ACS 5.X

jennyjohn · ‎02-20-2011

I am trying to do RADIUS authentication for APC (UPS) using ACS 5.2 Appliance. It is working fine with ACS 4.2, but unfortunately not with ACS 5.2. I tried creating RADIUS VSA (Vendor Specific Attributes) for APC in ACS 5.2.

According to the APC dictionary file

VENDOR APC 318

#

# Attributes

#

ATTRIBUTE APC-Service-Type 1 integer APC

ATTRIBUTE APC-Outlets 2 string APC

VALUE APC-Service-Type Admin 1

VALUE APC-Service-Type Device 2

VALUE APC-Service-Type ReadOnly 3

#

# For devices with outlet users only

#

VALUE APC-Service-Type Outlet 4

I have added the attributes in blue(attached), how do I add the VALUE's (shown red) in ACS 5.2? What else should I do to get this working?

The hit count on the ACS shows that it is getting authentication request from the APC appliance.

Thanks in advance.

adrian_teo · ‎04-14-2011

Hi All,

I have the same issue with APC UPS radius autnentication. When i login via the web browser to the UPS management page, it gives me a error saying that user creditial is wrong (I'm sure the username and password is correct) the ACS log shows authentication pass using radius attribute 1 for admin access. Is this a bug?

g-georgiou · ‎10-09-2012

Hi,

I am working on the same issue and i manage to login (using Ldap A/D backend authentication). When using the standard Radius attribute Service-Type (1 for read-only and 6 for admin) i manage to get this working. I am however trying to use the APC VSAs (as above) without any success. The objective is to have outlet management for specific users, admin or read-only others. Did u manage to get this working and how?

./G

jennyjohn · ‎10-09-2012

Hope the below link is helpful

http://www.targetcisco.blogspot.com/2011/03/configuring-radius-vsa-on-acs-52-for.html