Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
654
Views
0
Helpful
2
Replies

AAA authentication with Steel Belted Radius Server (Juniper)

nimmi.phasil
Level 1
Level 1

‎08-12-2015 06:51 AM

Hi,

I have configured aaa authentication for Cisco 1905 with Steel Belted Radius Server (Juniper) .

2 users are created  - test1 for write access and test2 for read access.

SBR returns the right attribute for write and read access respectively.

But the write access and read access works as follows:

Write access

username : xxxxx

Password:  xxxxx

Router# 

priv level is 15

Read access:

username : xxxxx

password : xxxxx

Router >

Priv level is 1.

If en entered , it will ask for enable pw ; if user has en pw ; he will get privilege level 15.

Desired output is Router >en

% Auth failed% (It should not allow to enter the enable password).

If enable pw is disabled ;

Router >en

Router#

Cisco TAC says this is the normal behaviour.

But with TACACS server, user is not able to enter conf t or en.

Please suggest.

 

Regards

Nimmi MP

 

 

Labels:
0 Helpful
2 Replies 2

Vadim Semenov
Level 1
Level 1

‎08-25-2015 03:05 AM

Hi, Nimmi,

have you created these users in SBR as a Native Users? how do you granded privileges level to users?.. through Profiles in SBR?

0 Helpful

nimmi.phasil
Level 1
Level 1
In response to Vadim Semenov

‎10-01-2015 03:52 AM

Hi Vadim,

This is resolved when privilege access is configured .

 

0 Helpful
Customers Also Viewed These Support Documents