03-09-2022 01:28 AM
Hi All
I am trying to configure my switch to get authentication using radius .Here is the below configuration
aaa new-model
!
!
aaa authentication login default group radius local
aaa authorization exec default group radius local
aaa accounting exec default start-stop group radius
Able to login the switch but it is coming in "cisco>" every time i need to put enable password What is the configuration is require so that when I can login it will directly to go "cisco# "
Looking for your help to fix the issue
Thanks
Debabrata
03-09-2022 01:36 AM
- The radius server must be able or configured to return certain attributes , ref : https://www.cisco.com/c/en/us/support/docs/security-vpn/remote-authentication-dial-user-service-radius/13860-PRIV.html
Look at the paragraph/example starting from : Cisco Secure UNIX RADIUS (the server must support Cisco av-pairs and or be configured in a similar manner)
M.
03-09-2022 02:12 AM
what radius is this ?
03-09-2022 02:45 AM
Hi
It is freeradius install in Centos
Thanks
03-09-2022 03:06 AM
- The radius server must be able or configured to return certain attributes , ref : https://www.cisco.com/c/en/us/support/docs/security-vpn/remote-authentication-dial-user-service-radius/13860-PRIV.html
Look at the paragraph/example starting from : Cisco Secure UNIX RADIUS (the server must support Cisco av-pairs and or be configured in a similar manner)
M.
03-09-2022 03:41 AM
Appologies the subject has that information :
Do you have AAA configured on Switch and using freeradius as device admin then the user should be priv 15 to get direct # access
follow bellow guide ( in addtion to other sugggested)
03-09-2022 03:22 AM - edited 03-09-2022 03:25 AM
Hello,
what else is in your configuration ? Post the full output of 'sh run'. Make sure you also have:
#adius-server host x.x.x.x auth-port 1645 acct-port 1646
radius-server key secret_key
confgured.
03-09-2022 05:42 AM
Hi
Issue fixed with configuration in freedadius
cisco Cleartext-Password := "password"
Service-Type = NAS-Prompt-User,
Cisco-AVPair = "shell:priv-lvl=15"
Thanks all your support
03-09-2022 07:19 AM
Hi
Can any one help how to integrate Active directory with Free Radius for central authentication for network device login
Thanks
03-09-2022 07:35 AM
The document here step by step :
https://wiki.freeradius.org/guide/freeradius-active-directory-integration-howto
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide