cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

475
Views
0
Helpful
1
Replies
Highlighted
Beginner

Control access using Radius without ACS

I want to log into my IPS using my existing RSA SecurID using Radius.  Is it possible to use a Radius attribute in the RSA to tell the IPS what privillege\role the user is?  The idea is I dont create users on the IPS, if a user tries to logon it authenticates them via radius running on the RSA server and if the user is allowed to log onto that clietn IP (the IPS) then it will allow them to logon but also pass a message back to the IPS to say this person has full admin access.  Is that possible using an attribute?  ANy guidance would be great.                  

1 REPLY 1
Highlighted
Beginner

Yes, you should be able to specify the user role on the radius server.

http://www.cisco.com/en/US/docs/security/ips/7.0/configuration/guide/cli/cli_setup.html#wp1276213

Regards,

Sawan Gupta

Thanks & Regards, Sawan Gupta
Content for Community-Ad