Enabling snmp to configure radius – Brocade TurboIron 24X Series Configuration Guide User Manual

Page 139

Advertising
background image

Brocade TurboIron 24X Series Configuration Guide

105

53-1003053-01

Configuring RADIUS security

Enabling SNMP to configure RADIUS

To enable SNMP access to RADIUS MIB objects on the device, enter a command such as the
following.

TurboIron(config)#enable snmp config-radius

Syntax: [no] enable snmp <config-radius | config-tacacs>

The <config-radius> parameter specifies the RADIUS configuration mode. RADIUS is disabled by
default.

The <config-tacacs> parameter specifies the TACACS configuration mode. TACACS is disabled by
default.

TABLE 24

Brocade vendor-specific attributes for RADIUS

Attribute name

Attribute ID

Data type

Description

foundry-privilege-level

1

integer

Specifies the privilege level for the user. This
attribute can be set to one of the following:

0 - Super User level – Allows complete
read-and-write access to the system. This is
generally for system administrators and is
the only management privilege level that
allows you to configure passwords.

4 - Port Configuration level – Allows
read-and-write access for specific ports but
not for global (system-wide) parameters.

5 - Read Only level – Allows access to the
Privileged EXEC mode and CONFIG mode of
the CLI but only with read access.

foundry-command-string

2

string

Specifies a list of CLI commands that are
permitted or denied to the user when RADIUS
authorization is configured.
The commands are delimited by semi-colons (;).
You can specify an asterisk (*) as a wildcard at
the end of a command string.
For example, the following command list
specifies all show and debug ip commands, as
well as the write terminal command:
show *; debug ip *; write term*

foundry-command-exception-fl
ag

3

integer

Specifies whether the commands indicated by
the foundry-command-string attribute are
permitted or denied to the user. This attribute can
be set to one of the following:

0 - Permit execution of the commands
indicated by foundry-command-string, deny
all other commands.

1 - Deny execution of the commands
indicated by foundry-command-string,
permit all other commands.

Advertising
Popular Brands
Popular manuals