Control access using RADIUS without ACS
07-24-2012 11:22 PM - edited 03-10-2019 05:44 AM
I want to log into my IPS using my existing RSA SecurID using RADIUS. Is it possible to use a RADIUS attribute in the RSA to tell the IPS what privilege\role the user is? The idea is I don't create users on the IPS; if a user tries to log on, it authenticates them via RADIUS running on the RSA server, and if the user is allowed to log onto that client IP (the IPS) then it will allow them to log on but also pass a message back to the IPS to say this person has full admin access. Is that possible using an attribute? Any guidance would be great.
Labels: IPS and IDS
07-31-2012 03:03 AM
Yes, you should be able to specify the user role on the RADIUS server.
http://www.cisco.com/en/US/docs/security/ips/7.0/configuration/guide/cli/cli_setup.html#wp1276213
Regards,
Sawan Gupta
