Firmware 3.01.94 and lower
Firmware 1.01.45 and lower
Firmware 1.00.27 and lower
Radius authenticate just device management access
Radius authenticate just network access
Authenticate to a RADIUS Server
In order to permit Radius Authentication to regulate just device Management access or just user Network access, two elements must be configured:
- A 'management' vs 'network' selection on the Radius server
- A matching 'management' vs 'network' selection on the managed device
For the C2, upgrade to firmware 3.02.30 or higher.
For the B2, upgrade to firmware 2.00.16 or higher.
For the A2, upgrade to firmware 1.01.20 or higher.
With these firmware versions, the DFE-like 'set radius realm' command is supported.
C2(rw)->set radius realm ?
management-access Sets Access type to management-access
network-access Sets Access type to network-access
any Sets Access type to any-access
Here is a sample partial configuration which authenticates against one server for network users and a different server for management access.
set radius enable
set radius server 1 184.108.40.206 1812 myfirstsecret realm network-access
set radius server 2 220.127.116.11 1812 myothersecret realm management-access[/code]