Cisco Cisco Email Security Appliance C370D ユーザーガイド
8-333
Cisco IronPort AsyncOS 7.1 for Email Daily Management Guide
OL-22160-02
Chapter 8 Common Administrative Tasks
Adding Users
To assign RADIUS users to IronPort User roles, first set the CLASS attribute on
the RADIUS server with a string value of
the RADIUS server with a string value of
<radius-group>
, which will be mapped
to IronPort user roles. The CLASS attribute may contain letters, numbers, and a
dash, but cannot start with a dash. AsyncOS does not support multiple values in
the CLASS attribute. RADIUS users belonging to a group without a CLASS
attribute or an unmapped CLASS attribute cannot log into the appliance.
dash, but cannot start with a dash. AsyncOS does not support multiple values in
the CLASS attribute. RADIUS users belonging to a group without a CLASS
attribute or an unmapped CLASS attribute cannot log into the appliance.
If the appliance cannot communicate with the RADIUS server, the user can log in
with a local user account on the appliance.
with a local user account on the appliance.
Note
If an external user changes the user role for their RADIUS group, the user should
log out of the appliance and then log back in. The user will have the permissions
of their new role.
log out of the appliance and then log back in. The user will have the permissions
of their new role.
To enable external authentication using RADIUS:
Step 1
On the System Administration > Users page, click Enable. The Edit External
Authentication page is displayed.
Authentication page is displayed.
Step 2
Select the Enable External Authentication check box.
Step 3
Select RADIUS for the authentication type.
Figure 8-14
Enabling External Authentication Using RADIUS
Step 4
Enter the host name for the RADIUS server.
Step 5
Enter the port number for the RADIUS server. The default port number is 1812.