We configured all these parameters. What we were looking for is to match the group and xuth username and password so that a user is logged in only if both parameters matches. So that a person belonging to only that particular group will be able to log in.
For eg, a user belonging to a group test.com will have AAA username as email@example.com. Once authenticated by radius it will recheck the authorization parameters and allow him to log into the vrf. To achive this you have to pass ipsec:group-lock=1 parameter from radius in addition to the paramters Amit mentioned.
1. Introduction Internet security is important with the increasing
attacks that are happening every day. Many internet and browsing
security solutions exist, but some are not very easy to use or maybe the
question is how can I enable them? In this referen...
Cisco Software Manager Server API Guide This document describes the
programmatic interfaces, RESTful APIs, which are supported by Cisco
Software Manager Server (CSM Server). Overview CSM Server supports a set
of finite RESTful APIs. The first step to use ...
If you are using Cisco's new linux-based Cisco Software Manager server,
then you probably want to make sure there is a startup service for
it.I'll assume that you've already installed the CSM server on a
systemd-based linux system. The commands given belo...