This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Exos platform- Allowed command per user through RADIUS

Exos platform- Allowed command per user through RADIUS

Go to solution
Ragavendiran
New Contributor

‎08-06-2019 07:55 AM

Hi,

How to configure Allowed command per user through RADIUS?

I already done the RADIUS with VSA 210 and switch login in admin level access.

I want to restricts the commands.
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
Ty_Izzet
Extreme Employee

‎08-14-2019 01:39 PM

Ragavendiran,

This option is not available through EXOS or RADIUS, per the following article:

https://gtacknowledge.extremenetworks.com/articles/Q_A/Can-you-have-per-user-allowed-command-permissions-when-using-a-radius-server-for-authentication

The following post does give some insight on privilege levels using TACACS:

https://community.extremenetworks.com/extremeswitching-exos-223284/xos-restrict-cli-commands-6856140

Privilege levels are handled by RADIUS on the server side. On the RADIUS server a normal user is needed for user access. If the user needs admin privileges on the switch the RADIUS user should be configured to send the RADIUS Service-Type attribute with a value of Administrative. For further information on this attribute, see Section 5.6 of RFC 2865.

View solution in original post

0 Kudos
1 REPLY 1

Go to solution
Ty_Izzet
Extreme Employee

‎08-14-2019 01:39 PM

Ragavendiran,

This option is not available through EXOS or RADIUS, per the following article:

https://gtacknowledge.extremenetworks.com/articles/Q_A/Can-you-have-per-user-allowed-command-permissions-when-using-a-radius-server-for-authentication

The following post does give some insight on privilege levels using TACACS:

https://community.extremenetworks.com/extremeswitching-exos-223284/xos-restrict-cli-commands-6856140

Privilege levels are handled by RADIUS on the server side. On the RADIUS server a normal user is needed for user access. If the user needs admin privileges on the switch the RADIUS user should be configured to send the RADIUS Service-Type attribute with a value of Administrative. For further information on this attribute, see Section 5.6 of RFC 2865.
0 Kudos
GTM-P2G8KFN