Setting Network Access Permissions using Radius

  • 0
  • 1
  • Article
  • Updated 3 years ago
Article ID: 7220 

MAC Authentication

Set Management / Network access permissions using radius.
Set super-user / read-write / read-only permission using radius.

Authentication access type not as expected.
Management access level not as expected.

The authentication access type is configured at the Radius server, tied to the user's associated group. It's here that you may specify 'Any Access, 'Management Access' only, or 'Network Access' only, for that group. The default is 'Any Access', which means that Radius will service both local management and network access requests.

Unless the managed device has a similar configuration granularity, it will either be able to Radius-authenticate both management and network access, or neither (5677).

Also configured at the Radius server, and relevant to the first two options above, is the management access level (su, rw, ro), again tied to the user's associated group. The access level will be returned by the Radius server to the authenticating switch as part of the FilterID (5199).

See also: 5532.
Photo of FAQ User

FAQ User, Official Rep

  • 13,590 Points 10k badge 2x thumb

Posted 3 years ago

  • 0
  • 1

There are no replies.

This conversation is no longer open for comments or replies.