Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

2810/2848 WebInterface RADIUS Authentication

Pourl
Frequent Advisor

2810/2848 WebInterface RADIUS Authentication

Hi All,

 

I've configured SSH via TACACS+ successfully, but Web(SSL) via RADIUS seems to be impossible. The CiscoACS (AAA-Server) reports that my authentication was successful but the Switch asks merciless again and again for the credentials.

Do I have to send any specific RADIUS-Attributes with the Authorization Profiles?

Perhaps someone resolved this problem.

 

Steps
11001  Received RADIUS Access-Request
11017  RADIUS created a new session
Evaluating Service Selection Policy
15004  Matched rule
15012  Selected Access Service - Switch Web Admin
Evaluating Identity Policy
15004  Matched rule
15013  Selected Identity Store - Internal Users
24210  Looking up User in Internal Users IDStore - user123
24212  Found User in Internal Users IDStore
22037  Authentication Passed
Evaluating Group Mapping Policy
Evaluating Exception Authorization Policy
15042  No rule was matched
Evaluating Authorization Policy
15004  Matched rule
15016  Selected Authorization Profile - Permit Access
11002  Returned RADIUS Access-Accept

 

Thanks in advanced,

Paul

1 REPLY
Pourl
Frequent Advisor

Re: 2810/2848 WebInterface RADIUS Authentication

Hi, I mad it!

 

I had to transmit the "service-type" - RADIUS-Attribute. "administrative" for enable(manager)-access and "nas-promt" for operator-access.

 

This Page was very helpful:

http://wiki.freeradius.org/HP

 

Bye