Security

Hi

I am encountering a problem with the purchase of Legrand brand PDUS as I cannot find the radius dictionary for the Legrand or Raritan vendor (the MAC of the device is 00:0d:5d:xx:xx:xx:xx).

Exactly: Model 6 460 13

My attempts to modify the xml have been null, I cannot perform a Whireshark as I am not "close" or capable equipment so I cannot analyze the flow.

Any idea other than logging in with local user?

thanks in advance

------------------------------
Sanchez Lopez
------------------------------

Do you have the User/Admin Guide for this product? Check in there if RADIUS/TACACS is supported for login. It starts by enabling RADIUS or TACACS on the device, and the user manual should cover RADIUS / TACACS attributes if supported. You may not need a RADIUS dictionary as many devices will use the standard IETF attributes. You could create a service matching this device's authentication traffic, from there find out the device is sending. You can even do a packet capture on ClearPass with the 'Collect Logs' feature.

------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------

Original Message:
Sent: May 24, 2022 07:36 AM
From: Sanchez Lopez
Subject: CPPM Radius Dictionary

Hi

I am encountering a problem with the purchase of Legrand brand PDUS as I cannot find the radius dictionary for the Legrand or Raritan vendor (the MAC of the device is 00:0d:5d:xx:xx:xx:xx).

Exactly: Model 6 460 13

My attempts to modify the xml have been null, I cannot perform a Whireshark as I am not "close" or capable equipment so I cannot analyze the flow.

Any idea other than logging in with local user?

thanks in advance

------------------------------
Sanchez Lopez
------------------------------

Hi Herman!

You gave me an idea and I tried again today capturing, checking Radius IETF and Legrand/Raritan support.

I found a way by applying an "Enforcement Profile" per role with the attributes:
Radius IETF > Filter-Id > Raritan:G{Admin}
Radius IETF > Filter-Id > Raritan:G{Operator}

Thanks for your help.

Original Message:
Sent: Jun 07, 2022 09:34 AM
From: Herman Robers
Subject: CPPM Radius Dictionary

Do you have the User/Admin Guide for this product? Check in there if RADIUS/TACACS is supported for login. It starts by enabling RADIUS or TACACS on the device, and the user manual should cover RADIUS / TACACS attributes if supported. You may not need a RADIUS dictionary as many devices will use the standard IETF attributes. You could create a service matching this device's authentication traffic, from there find out the device is sending. You can even do a packet capture on ClearPass with the 'Collect Logs' feature.

------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.

Original Message:
Sent: May 24, 2022 07:36 AM
From: Sanchez Lopez
Subject: CPPM Radius Dictionary

Hi

I am encountering a problem with the purchase of Legrand brand PDUS as I cannot find the radius dictionary for the Legrand or Raritan vendor (the MAC of the device is 00:0d:5d:xx:xx:xx:xx).

Exactly: Model 6 460 13

My attempts to modify the xml have been null, I cannot perform a Whireshark as I am not "close" or capable equipment so I cannot analyze the flow.

Any idea other than logging in with local user?

thanks in advance

------------------------------
Sanchez Lopez
------------------------------