Solved

cisco routers users setup privileges through a radius server

Posted on 2015-02-19
4
70 Views
Last Modified: 2015-07-31
We have some users that will require additional privileges on cisco routers, like executing commands  such as no shut on an interface, etc. Is it possible to set specific privileges levels on a radius server and apply to users.
0
Comment
Question by:Shen
  • 2
  • 2
4 Comments
 
LVL 4

Assisted Solution

by:askincakir
askincakir earned 500 total points
ID: 40620697
Hi,

Mostly solution for your request is done by Cisco Tacacs+ server. There you can use command level permit actions.
But, here i am giving you some another cli level privilege enablements.
Just check and let me know is this what you need ?
Module-Bonus-7-user-priviledges.pptx
0
 

Author Comment

by:Shen
ID: 40625727
Is there a way to setup a radius group named say:  "test" that belongs to example: domain users

then on the cisco device do :
aaa authentication login "test" group radius local

setup the privilege in the router :
Like example:   privilege exec level 1 show ip  
                            username group  "test" privilege 1
I am trying to avoid setting  users and passwords  in the router. Use radius to provide the users and authentication and assign the privilege exec level to a radius group "test"
0
 
LVL 4

Accepted Solution

by:
askincakir earned 500 total points
ID: 40628178
Hi,

Which radius you are planning to use ?

Microsoft NPS ?

Cisco ACS ?
br,
0
 

Author Comment

by:Shen
ID: 40649436
nps
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
NTP port 123 UDP 5 54
POE NAS Drives 4 177
VTP LOG RUNTTIME ERROR 31 125
Configure HP 5500 Switch with Comware 15 49
Setting up SSH Cisco We are all told that you should not use Telent for connecting to devices because it is unsecure and all clear text. Much better is to use SSH, but it can seem a bit of a challenge setting it all up and especially in a small n…
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now