Re: failed to privilege mode when authenticated by radius server

aalonzo93 · ‎08-27-2007

hi,

I tried to authenticate and authorized Nokia/checkpoint Nortel/AD3 and Nortel 5510 platform using an 4.1 for windows ACS. the ACCESS-REQUEST is well processed bi the radius server wich send ACCESS-ACCEPT to the AAA Client (ie NORTEL or NOKIA), but i'have got privilege access denied on the Client side.

RADIUS IETF Dictionnary is used for every device.

all others Cisco Devices authenticate and are well authorized.

I didn't found any documentation about this item.

best regards

Alain

rochopra · ‎08-28-2007

Hi,

You need to configure proper parameters in ACS based on the device requirement which you can get from the vendor.

To add Vendor Specific Attribute in ACS based on the dictionary file specified by vendor, you need to create an INI file and upload it to windows using following command:

CSUtil.exe -addUDV slot-number filename

Following link can give you more information on the same:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.1/user/A_CSUtil.html#wp365540

~Rohit

aalonzo93 · ‎09-03-2007

Hi,

The vendor specified wich AVpair is needed for Alteon Devices, "administrative" value for number 6 IETF AVpair is required, so this is working fine now.

best regards

Alain

yunchouljung · ‎08-27-2011

hello, alain

I read the your post on CISCO COMMUNITY SUPPORT.

can you send me a VSA Dictionary file for Alteon Devices.

my e-mail address is ycjung@ringnet.co.kr

thanks in advance

YUN CHOUL JUNG