Security Management
358
Managed Switches
6. Verify that command authorization is set up for Telnet.
7. Using Linux on the RADIUS server, configure NETGEAR as the vendor and 4526 as the
vendor-specific value in the dictionary file for FreeRADIUS.
8. Using Linux on the RADIUS server, deny a user named eric access to specific commands in
the user file for FreeRADIUS.
(Netgear Switch) #show authorization methods
Command Authorization Method Lists
-------------------------------------
dfltCmdAuthList : none
commandList : radius
Line Command Method List
--------- ---------------------
Console dfltCmdAuthList
Telnet commandList
SSH dfltCmdAuthList
Exec Authorization Method Lists
-------------------------------------
dfltExecAuthList : none
Line Exec Method List
--------- ---------------------
Console dfltExecAuthList
Telnet dfltExecAuthList
SSH dfltExecAuthList
VENDOR netgear 4526
BEGIN-VENDOR netgear
ATTRIBUTE netgear-cmdAuth-deny 1 string
END-VENDOR netgear
eric Cleartext-Password := "testing"
Service-Type = Login-User,
netgear-cmdAuth-deny = "deny:poe *;spanningtree *;"
To Next Page
Loading...
