Dell PowerConnect B-RX Configuration Manual page 177
Bigiron rx series configuration guide v02.7.02
Hide thumbs
Also See for PowerConnect B-RX:
- Configuration manual (1458 pages) ,
- Getting started manual (32 pages) ,
- Installation manual (240 pages)
Table of Contents
Advertisement
Configuring Exec authorization
NOTE
Before you configure RADIUS exec authorization on the BigIron RX, make sure that the aaa
authentication enable default radius command or the aaa authentication login privilege-mode
command exist in the configuration.
When RADIUS exec authorization is performed, the device consults a RADIUS server to determine
the privilege level of the authenticated user.
To configure RADIUS exec authorization on the device, enter the following command.
BigIron RX(config)# aaa authentication exec default radius
Syntax: aaa authentication exec default radius | none
If you specify none, or omit the aaa authorization exec command from the device's configuration,
no exec authorization is performed.
NOTE
If the aaa authorization exec default radius command exists in the configuration, following
successful authentication the device assigns the user the privilege level specified by the
foundry-privilege-level attribute received from the RADIUS server. If the aaa authorization exec
default radius command does not exist in the configuration, then the value in the
foundry-privilege-level attribute is ignored, and the user is granted Super User access.
For the aaa authorization exec default radius command to work, either the aaa authentication
enable default radius command, or the aaa authentication login privilege-mode command must
also exist in the configuration.
Configuring command authorization
When RADIUS command authorization is enabled, the device consults the list of commands
supplied by the RADIUS server during authentication to determine whether a user can execute a
command he or she has entered.
You enable RADIUS command authorization by specifying a privilege level whose commands
require authorization. For example, to configure the device to perform authorization for the
commands available at the Super User privilege level (that is; all commands on the device), enter
the following command.
BigIron RX(config)# aaa authorization commands 0 default radius
Syntax: aaa authorization commands <privilege-level> default radius | tacacs+ | none
The <privilege-level> parameter can be one of the following:
•
•
•
BigIron RX Series Configuration Guide
53-1001810-01
0 – Authorization is performed (that is, the device looks at the command list) for commands
available at the Super User level (all commands)
4 – Authorization is performed for commands available at the Port Configuration level
(port-config and read-only commands)
5 – Authorization is performed for commands available at the Read Only level (read-only
commands)
Configuring RADIUS security
4
105
Advertisement
Table of Contents
