Assigning privileges on ASA with RADIUS

Answered Question
Sep 1st, 2010
User Badges:

Hello. I'm using ASA 5510 8.2, ACS 4.2 for windows and RADIUS for auth.


I would like to assign priv level to user on logon. Docs says that I have to send Cisco VAS CVPN3000-Privilege-Level (id is 220), but I can't see this option in Interfaces configuration.


How do I set this attribute in ACS? Maybe somehow i can manually specify VAS?


Thank you.

Correct Answer by Javier Henderson about 6 years 9 months ago

You can control the maximum privilege level with that AV pair, but you cannot assign a privilege level upon login like you can do with exec authorization on IOS.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Javier Henderson Thu, 09/02/2010 - 09:54
User Badges:
  • Cisco Employee,

You can control the maximum privilege level with that AV pair, but you cannot assign a privilege level upon login like you can do with exec authorization on IOS.

Actions

This Discussion