[c-nsp] Sup 2T IOS 15.0SY or 15.1SY radius server for management auth inside VRF
Ulrik Ivers
ulrik.ivers at excanto.se
Sat Nov 15 10:36:05 EST 2014
Hi Gregor,
We are doing what I think you describe. SUP2T running 15.1(2)SY
Sanitized config:
radius server RADIUS1
address ipv4 10.10.10.10 auth-port 1645 acct-port 1646
aaa group server radius MGMT
server name RADIUS1
ip vrf forwarding MGMTVRF
ip radius source-interface Loopback1
Regards,
/Ulrik Ivers
-----Original Message-----
From: cisco-nsp [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Friedrich, Gregor
Sent: den 14 november 2014 09:44
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] Sup 2T IOS 15.0SY or 15.1SY radius server for management auth inside VRF
Hi
As I understand the documentation it's not possible to use radius server authentication for management (login , exec ) from inside VRF on IOS 15.0 15.1SY (SUP 2T). There is per VRF AAA, but that's for network authentication and accounting, right?
The radius-server command don't have the vrf option like snmp-server ...
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_aaa/configuration/15-sy/sec-usr-aaa-15-sy-book/sec-per-vrf-aaa.html#GUID-593433F7-F150-4B87-8B8B-4EAC6B5E14AA
Is there any other option?
Thanks
Gregor Friedrich
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list