01-20-2011 09:33 AM - edited 03-06-2019 03:06 PM
Greetings,
I have a Nexus 7010 running 5.1(1). I'm using RADIUS (Microsoft) to authenticate access to the device.
In prior versions of the IOS, RADIUS attribute 31 was forwarded to the RADIUS server. In NXOS, this attribute is not forwarded. Is there any way to configure NXOS to forward RADIUS attribute 31? Note that some versions of the IOS have radius commands to enable it (i.e. "radius-server attribute 31 send nas-port-detail").
The functionality I wish to achive is to apply RADIUS policies by the user's IP address.
Thanks for taking a look...
Mike
Solved! Go to Solution.
01-24-2011 10:50 AM
Greetings Mike,
Sending attribute 31 (Calling-Station-Id) isn't currently supported when using RADIUS authentication under NX-OS. I took a quick look and couldn't find any mention in the roadmap.
I'd recommend contacting TAC or your Cisco Account team to raise a feature request. Although it probably doesn't help much, TACACS+ will include the address of the authenticating user.
Cheers,
/Phil
01-24-2011 10:50 AM
Greetings Mike,
Sending attribute 31 (Calling-Station-Id) isn't currently supported when using RADIUS authentication under NX-OS. I took a quick look and couldn't find any mention in the roadmap.
I'd recommend contacting TAC or your Cisco Account team to raise a feature request. Although it probably doesn't help much, TACACS+ will include the address of the authenticating user.
Cheers,
/Phil
01-24-2011 11:00 AM
Thanks Phil,
I guess I'll just use ACLs to enforce the policy (I wanted to use RADIUS in addition to ACLs).
Cheers,
Mike
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide