05-19-2015 01:04 PM
I'm trying to set up our new Cisco UCS system for RADIUS authentication pointing to ClearPass. Anybody done this before? Any specific documentation about AV pairs or what to return for a passed authentication? I'm getting mixed results doing Google searches and it doesn't look like this one is built into ClearPass.
Solved! Go to Solution.
05-19-2015 07:14 PM
Have you tried creating a RADIUS enforcement profile using the following:
Using Radius:Cisco > Cisco AVP Pair > shell:<context-name>=<Role-name>
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
05-20-2015 12:29 PM
Found it...Victor was close:
The vendor ID for the Cisco RADIUS implementation is 009 and the vendor ID for the attribute is 001.
The following syntax example shows how to specify multiples user roles and locales if you choose to create the cisco-avpair attribute: shell:roles="admin,aaa" shell:locales="L1,abc". Use a comma "," as the delimiter to separate multiple values.