- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- Web and Unmanaged
- >
- V1910 radius server Level privilege
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-31-2011 04:44 AM - edited тАО04-01-2011 12:22 AM
тАО03-31-2011 04:44 AM - edited тАО04-01-2011 12:22 AM
V1910 radius server Level privilege
Authorization while using CS ACS as a RADIUS server does not seem to work with the V1910 switches we are using.
The VSA for determining privilege levels (representing privilege levels 0 through 3) and is set on my RADIUS server... I see in the logs that it's passing this attribute back to the switch. However, no matter what I set this value to I am always at privilege level 0 when I authenticate against the RADIUS server.
Does anybody know how to fix it?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-12-2011 01:44 AM
тАО04-12-2011 01:44 AM
Re: V1910 radius server Level privilege
Hi
I have exactly the same problem.
My switch is V1910-24G
Here is my simple user file from freeradius
testing Cleartext-Password := "password" 3Com-User-Access-Level = 3
The user is authenticated successfully. RADIUS sent the "3Com-User-Access-Level = 3" but stuck in view only mode after login.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-07-2011 08:07 PM
тАО05-07-2011 08:07 PM
Re: V1910 radius server Level privilege
Cornflag, thedesp, have you made any progress with this?
I seem to be having the same issue.
Using Server 2008 Network policy services(AKA IAS)
HP V1910 switch
I have it all set up and I can telnet to the switch and log into the web page.
However, with telnet, the only command available is "quit".
When I log into the web page, I get "User level is lower!110"
Have tried:
Service-Type=Administrative
Vendor-Specific=010600000003
Vendor-Specific=shell:priv-lvl=15
in various combinations.
Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-02-2011 11:38 PM
тАО06-02-2011 11:38 PM
Re: V1910 radius server Level privilege
Still no progress on this.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-27-2011 06:03 AM
тАО06-27-2011 06:03 AM
Re: V1910 radius server Level privilege
Good afternoon.
I have the same problem. What should be sent to 3Com Baseline Switch 2920-SFP Plus (HP V1910) in Access-Accept packet to make it give a necessary privilege level? It returns at this moment the:
<ROOT> <ErrorMsg> User level is lower! </ErrorMsg> <ErrorId> 11 </ErrorId> <BackHome> 0 </BackHome> </ROOT>
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-22-2012 06:16 AM - edited тАО05-23-2012 02:47 AM
тАО05-22-2012 06:16 AM - edited тАО05-23-2012 02:47 AM
Re: V1910 radius server Level privilege
I did it :) I just change the radius server type from "Standart" to "Extended" and then add "Login-Service = Telnet" to radius attributes...
My current working config:
... domain default enable system ... radius scheme system server-type extended primary authentication 172.30.192.232 key authentication testing123 user-name-format without-domain ... domain testdomain authentication default radius-scheme system authorization default radius-scheme system access-limit disable state active idle-cut disable self-service-url disable ... domain system access-limit disable state active idle-cut disable self-service-url disable
And my current lines from freeradius users file to 3Com Baseline Switch 2920-SFP Plus:
steve Cleartext-Password := "testing123" 3Com-User-Access-Level = 3, Service-Type = NAS-Prompt-User, Login-Service = Telnet
freeradius users lines for HP-v1910
steve Cleartext-Password := "testing123" Hw_Exec_Privilege = H3C-Administrator, Service-Type = NAS-Prompt-User, Login-Service = Telnet
and dictionary.h3c:
VENDOR H3C 25506 BEGIN-VENDOR H3C ATTRIBUTE H3C-Connect_Id 26 integer ATTRIBUTE H3C-NAS-Startup-Timestamp 59 integer ATTRIBUTE H3C-Ip-Host-Addr 60 string ATTRIBUTE H3C-Product-ID 255 string ATTRIBUTE Hw_Exec_Privilege 29 integer VALUE Hw_Exec_Privilege H3C-Visitor 0 VALUE Hw_Exec_Privilege H3C-Monitor 1 VALUE Hw_Exec_Privilege H3C-Manager 2 VALUE Hw_Exec_Privilege H3C-Administrator 3 END-VENDOR H3C
Now login with username steve@testdomain and you have administrator rights
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-06-2012 06:17 AM
тАО07-06-2012 06:17 AM
Re: V1910 radius server Level privilege
It is config truly working
Thanks for all