07-15-2013 05:04 PM - edited 03-10-2019 08:39 PM
Hi Folks
I'm using FreeRADIUS with a local username database (no LDAP) for authentication (working well).
I have various network devices in my network, and I would like to have custom authorization per user per device:
I would like to have 2 types of network admins and 2 types of network devices, with the following rules:
-"Core devices" must be granted privilege level 15 for "Core admins"
-"Access devices" must be granted privilege level 15 for "Access admins" and "Core admins"
-"Core devices" must be granted privilege level 1 for "Access admins".
-There is no way "Access admins" can access configuration mode on "Core devices" with the enable command.
Any help and config examples for the FreeRADIUS and Cisco side are very welcome.
thanks
olivier
07-31-2013 06:59 PM
Hello Olivier,
I would like to suggest you go to the link below. This document describes the procedure for per-device user authentication.
http://wiki.freeradius.org/vendor/Cisco#Per-User-Privilege-Level
Hope this may help you
07-31-2013 07:21 PM
Hi Ravi
Thanks for the URL; however, this document does not indicate how to authorize per device AND per user.
have fun
olivier
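One way to express the per-user, per-device rules from the question, as an added example that is not part of the original thread or of the FreeRADIUS documentation: device classes are defined as huntgroups and each user entry is matched against `Huntgroup-Name`. The user names, passwords and 192.0.2.x addresses are constructed placeholders, and file locations depend on the FreeRADIUS version.

```text
# ---- huntgroups file: classify each NAS (network device) by source address ----
# Constructed addresses from the documentation range; one line per device.
core    NAS-IP-Address == 192.0.2.1
core    NAS-IP-Address == 192.0.2.2
access  NAS-IP-Address == 192.0.2.101
access  NAS-IP-Address == 192.0.2.102

# ---- users file: entries are evaluated top to bottom, first match wins ----
# The first line of an entry holds check items; indented lines are reply items.

# "Core admin" (hypothetical user coreadmin1): level 15 on core devices
coreadmin1  Huntgroup-Name == "core", Cleartext-Password := "CHANGE_ME"
            Service-Type = NAS-Prompt-User,
            Cisco-AVPair = "shell:priv-lvl=15"

# "Core admin": level 15 on access devices
coreadmin1  Huntgroup-Name == "access", Cleartext-Password := "CHANGE_ME"
            Service-Type = NAS-Prompt-User,
            Cisco-AVPair = "shell:priv-lvl=15"

# "Access admin" (hypothetical user accessadmin1): level 1 on core devices
accessadmin1  Huntgroup-Name == "core", Cleartext-Password := "CHANGE_ME"
              Service-Type = NAS-Prompt-User,
              Cisco-AVPair = "shell:priv-lvl=1"

# "Access admin": level 15 on access devices
accessadmin1  Huntgroup-Name == "access", Cleartext-Password := "CHANGE_ME"
              Service-Type = NAS-Prompt-User,
              Cisco-AVPair = "shell:priv-lvl=15"

# Requests from a NAS that is in neither huntgroup match no entry above,
# so these accounts are not authorized on unclassified devices.

# The priv-lvl reply only sets the level of the initial exec session.
# The last rule in the question (no enable for access admins on core
# devices) is not covered by these attributes; it depends on how enable
# authentication is configured on the core devices themselves.
```

The Cisco side has to request exec authorization from RADIUS for the `shell:priv-lvl` value to be applied; running `radiusd -X` while logging in from one device of each class shows which entry matched.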