Current Config:
line vty 0 10
authentication-mode scheme
user-role network-operator
protocol inbound ssh
idle-timeout 20 0
#
role default-role enable level-0 #Without this, you can login but you will #be instantly disconnected. Please note!
#
domain default enable system
#
domain system
authentication default radius-scheme test local
authorization default radius-scheme test local
accounting default radius-scheme test none
#
radius scheme test
primary authentication <public radius> key simple <password>
primary accounting <public radius> key simple <password>
timer response-timeout 10
user-name-format without-domain
#
super authentication-mode scheme local
super password role network-admin simple <Password>
public-key local create rsa
public-key local create dsa
ssh server acl <acl no>
ssh server enable
In Radius, Need a user called =24enab024= (Basically $enabl0# which means enable for level 0 user as you see above as the default user role.)
Within this user, have a reply attribute for this user to have the following:
shell:allowed-roles="network-admin"
For Daloradius, you should have the following when trying to add the attribute:
The below will only appear if you select Cisco as Manufacturer and choose the Cisco-AVPair under the Attributes tab.
Textbox=[shell:all......admin] Opr "=" reply(choose from dropbox)
Finally Solved and thought I should just show what I have to those that might need help.
#MSR#954#Radius#95x#freeradius#aaa