Use ACE/Server RADIUS to control enable access to Cisco Router
Originally Published: 2002-01-10
Article Number
Applies To
RADIUS
Cisco Router
Issue
Not able to give enable access privileges to users authenticating via RADIUS
Cause
Resolution
This configuration would be enabled using this command on the router:
aaa authorization exec default radius
On the ACE/Server administration interface:
Profile--> Add Profile
Name the profile appropriately
Add the attribute(s):
1. Service-Type
This attribute can be set to login (Regular User) or administrative-user
2. For further granularity of enable privileges add:
Vendor-Specific
Set the value to: 9 1 "shell:priv-lvl=15" (the 15 can range from 1 to 15 depending on your router enable privilege config)
Related Articles
Configuring a Restricted Agent to Control User Access Number of Views Configuring a restricted agent associated to a RADIUS client to control user access with RSA Authentication Manager 8.x. Number of Views Errors: ?User not in database? and 'User not on Agent Host' in ACE/Server activity log when trying to authenticate via RAD… Number of Views How to map a RADIUS attribute to a value that equals a user group for access control Number of Views Startup fails with 'Job for aveksa_server.service failed because the control process exited with error code' when starting… Number of Views
Trending Articles
Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory Mandatory Certificate Upgrade Required by 6th October 2025 for RSA MFA Agent for PAM, RSA MFA Agent for Apache, and Third … RSA Authentication Manager 8.9 Release Notes (January 2026)
Don't see what you're looking for?
