Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
522
Views
0
Helpful
2
Replies

m9500 and radius authentication

pokey
Level 1
Level 1

‎08-03-2004 11:09 PM

Hi all

I've got a problem with configuring aaa on the m9500, users telnetting to the device get authenticated but does not appear to have the right authorization level for all the commands ie copy. The radius server has no problem authenticating users. Is there something that im missing?

all i have is:

aaa authentication login default group radius local

and the associated radius-server commands

thanks in advance

Labels:
0 Helpful
2 Replies 2

plowden
Cisco Employee
Cisco Employee

‎08-04-2004 06:04 AM

It sounds like you're not getting network-admin privileges. You can check this with "sh user-account" on the switch CLI.

On the RADIUS server, how are you configuring the AV pair? It should look something like this:

cisco-av-pair=shell:roles="network-admin"

You should remove "cisco-av-pair=" if you're using the Cisco ACS server.

If you're using role-based access, you can add other roles after network-admin (separated by spaces).

0 Helpful

pokey
Level 1
Level 1
In response to plowden

‎08-05-2004 06:44 PM

thanks for that.. it worked

0 Helpful
Customers Also Viewed These Support Documents