Use ACE/Server RADIUS to control enable access to Cisco Router
Originally Published: 2002-01-10
Article Number
Applies To
RADIUS
Cisco Router
Issue
Not able to give enable access privileges to users authenticating via RADIUS
Cause
Resolution
This configuration would be enabled using this command on the router:
aaa authorization exec default radius
On the ACE/Server administration interface:
Profile--> Add Profile
Name the profile appropriately
Add the attribute(s):
1. Service-Type
This attribute can be set to login (Regular User) or administrative-user
2. For further granularity of enable privileges add:
Vendor-Specific
Set the value to: 9 1 "shell:priv-lvl=15" (the 15 can range from 1 to 15 depending on your router enable privilege config)
Related Articles
Configuring a restricted agent associated to a RADIUS client to control user access with RSA Authentication Manager 8.x. Number of Views Configuring a Restricted Agent to Control User Access Number of Views Errors: ?User not in database? and 'User not on Agent Host' in ACE/Server activity log when trying to authenticate via RAD… Number of Views How to map a RADIUS attribute to a value that equals a user group for access control Number of Views Startup fails with 'Job for aveksa_server.service failed because the control process exited with error code' when starting… Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process RSA Release Notes for RSA Authentication Manager 8.8 RSA RADIUS Server service failed to start in the RSA Authentication Manager 8.1 Operations Console Microsoft Entra ID External MFA - Relying Party Configuration Using OIDC - RSA Ready Implementation Guide RSA Release Notes: Cloud Access Service and RSA Authenticators
Don't see what you're looking for?
