3com 5500-SI Manual De Usuario
Setting Up the Cisco Secure ACS (TACACS+) server
665
The screen below shows specific RADIUS attributes having been selected for the
user. The user has the student profile selected and is assigned to VLAN 10
untagged.
user. The user has the student profile selected and is assigned to VLAN 10
untagged.
The RADIUS attributes need to have already been selected, see step 7 in Adding a
3Com Switch 5500 as a RADIUS client.
3Com Switch 5500 as a RADIUS client.
The User can now access the network through Network Login.
Adding a User for
Switch Login
Adding a user for switch login is slightly more complex, as 3Com specific RADIUS
attributes need to be returned to the 3Com Switch 5500. These RADIUS attributes
define the access level of the the user to the management interface.
attributes need to be returned to the 3Com Switch 5500. These RADIUS attributes
define the access level of the the user to the management interface.
Follow these steps:
1 Add the required RADIUS attributes to the Cisco Secure ACS server, by editing an
.ini file and compiling it into the Secure ACS RADIUS server using an application
called
called
csutil.exe
.
For example:
a Create 3Com.ini file with the following contents:
[User Defined Vendor]
Name=3Com
IETF Code=43
VSA 1=3Com-User-Access-Level
[3Com-User-Access-Level]
Type=INTEGER
Profile=OUT
Enums=3Com-User-Access-Level-Values
[3Com-User-Access-Level-Values]