Solved: Secure-ACS: Special RADIUS-Attributes for Enterasys E7

rolf.fischer_2 · ‎03-30-2010

Hi,

we were running a pretty old version of the Cisco Secure ACS for AAA our network devices.

Unfortunately the server crashed an we had to install and set it up with a new server.

Using TACACS+ for our Cisco devices works fine.

We have a couple of switches made by a vendor called Nexans, which only support RADIUS - this works fine too.

Furthermore we still have some Enterasys E7 and with those RADIUS doesn't work at all.

Sniffering the packets, everything looks good.

With the old server it worked well.

Does anybody know if there are special configurations (e.g. attributes) when configuring an ACS for Enterasys RADIUS-Clients?

Thanks,

Rolf

Yudong Wu · ‎03-30-2010

try this

attribute [011] Filter-ID to "Enterasys:version=1:mgmt=su:"

View solution in original post

Yudong Wu · ‎03-30-2010

try this

attribute [011] Filter-ID to "Enterasys:version=1:mgmt=su:"

rolf.fischer_2 · ‎03-31-2010

Great, it works!

You saved my day ;-)

engahmed1975 · ‎03-22-2013

We have this configuration and works fine with our network and associate in a good manner also the policy which we have configured it on Enterasys in this way

Filter-Id===>

Enterasys:version=1:mgmt=su:policy=Administrator

.

After we make the update to ACS 5, the "ASA" consider this filter-id as access-list so it consider the field after the filter-id as the name of the acl, and diconnect the VPN connection.

Could soneone help me to resolve that.