Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 80
  • Last Modified:

cisco routers users setup privileges through a radius server

We have some users that will require additional privileges on cisco routers, like executing commands  such as no shut on an interface, etc. Is it possible to set specific privileges levels on a radius server and apply to users.
0
Shen
Asked:
Shen
  • 2
  • 2
2 Solutions
 
askincakirCommented:
Hi,

Mostly solution for your request is done by Cisco Tacacs+ server. There you can use command level permit actions.
But, here i am giving you some another cli level privilege enablements.
Just check and let me know is this what you need ?
Module-Bonus-7-user-priviledges.pptx
0
 
ShenAuthor Commented:
Is there a way to setup a radius group named say:  "test" that belongs to example: domain users

then on the cisco device do :
aaa authentication login "test" group radius local

setup the privilege in the router :
Like example:   privilege exec level 1 show ip  
                            username group  "test" privilege 1
I am trying to avoid setting  users and passwords  in the router. Use radius to provide the users and authentication and assign the privilege exec level to a radius group "test"
0
 
askincakirCommented:
Hi,

Which radius you are planning to use ?

Microsoft NPS ?

Cisco ACS ?
br,
0
 
ShenAuthor Commented:
nps
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now