7-23
Configuring RADIUS Server Support for Switch Services
Configuring and Using Dynamic (RADIUS-Assigned) Access Control Lists
Configuring an ACL in a RADIUS Server
This section provides general guidelines for configuring a RADIUS server to
specify RADIUS-assigned ACLs. Also included is an example configuration for
a FreeRADIUS server application. However, to configure support for these
services on a specific RADIUS server application, please refer to the docu-
mentation provided with the application.
Note This application requires a RADIUS server having an IPv4 address. Clients can
be dual-stack, IPv4-only or IPv6-only.
A RADIUS-assigned ACL configuration in a RADIUS server includes the
following elements:
■ Nas-Filter-Rule attributes: standard and vendor-specific
■ ACL configuration, entered in the server, and associated with specific
username/password or MAC address criteria, and comprised of ACEs
entered in the server
A RADIUS-assigned ACL includes:
■ one or more explicit “permit” and/or “deny” ACEs
■ an implicit deny in ip from any to any ACE automatically applied after
the last operator-created ACE
To Next Page
Loading...
Need help?
General
