Part 2: Ers8600 Configuration With Specific Commands Disabled - Avaya ERS 8600 Technical Configuration Manual

Identity engines ignition server, ethernet routing switch, switch user authentication using identity engines ignition server

Hide thumbs Also See for ERS 8600:

Table of Contents

avaya.com

2.2 Part 2: ERS8600 Configuration with Specific Commands

Disabled

In this part, we will use the same configuration used in the previous example, but, we will restrict the read-

write ERS8600 user (user name = 8600rw) to deny access to the CLI QoS and Filter configuration

("config qos" or "config filter").

2.2.1 ERS8600 Configuration

Enable the user access profile parameter on the ERS8600.

ERS8600-1 Step 1 – Enable the RADIUS cli-profile by setting the value to true

ERS-8606:5# config radius cli-profile-enable true

2.2.2 IDE Setup

2.2.2.1

Configure Outbound attributes to deny ERS8600 CLI commands

Using the same base configuration from the previous step, we will simple add the CLI commands we wish

to deny to the read-write user. In this example, this will apply only to the user 8600rw.

IDE Step 1 – IDE already has the vendor specific attributes defined, Bay Networks vendor code

1584 using attribute types 194 and 195 for the ERS8600 which can be viewed by going to Site

Configuration -> Provisioning -> Vendors/VSAs -> Bay-Networks -> VSA Definitions.

Switch User Authentication using Identity Engines Ignition Server Technical Configuration Guide

[July 2010

Table of Contents

Show Quick Links

Table of Contents

Ers 5500 Ers 5600 Ers 8300 Ers 4500 Ers 460 Ers 2500 ... Show all