Table of Contents
Advertisement
Configuring RADIUS Server Support for Switch Services
Configuring and Using Dynamic (RADIUS-Assigned) Access Control Lists
Note
7-22
Configuring an ACL in a RADIUS Server
This section provides general guidelines for configuring a RADIUS server to
specify RADIUS-assigned ACLs. Also included is an example configuration for
a FreeRADIUS server application. However, to configure support for these
services on a specific RADIUS server application, please refer to the docu-
mentation provided with the application.
This application requires a RADIUS server having an IPv4 address. Clients can
be dual-stack, IPv4-only or IPv6-only.
A RADIUS-assigned ACL configuration in a RADIUS server includes the
following elements:
■
Nas-Filter-Rule attributes: standard and vendor-specific
■
ACL configuration, entered in the server, and associated with specific
username/password or MAC address criteria, and comprised of ACEs
entered in the server
A RADIUS-assigned ACL includes:
one or more explicit "permit" and/or "deny" ACEs
■
an implicit deny in ip from any to any ACE automatically applied after
■
the last operator-created ACE
Hide quick links:
Advertisement
Table of Contents
