Enabling snmp to configure radius – Brocade FastIron Ethernet Switch Security Configuration Guide User Manual

Brocade vendor-specific attributes for RADIUS (Continued)

TABLE 6

Attribute name

Attribute ID Data type Description

foundry-command-
exception-flag

3

integer

Specifies whether the commands indicated by the foundry-
command-string attribute are permitted or denied to the user.
This attribute can be set to one of the following:

• 0 - Permit execution of the commands indicated by foundry-

command-string, deny all other commands.

• 1 - Deny execution of the commands indicated by foundry-

command-string, permit all other commands.

foundry-access-list

5

string

Specifies the access control list to be used for RADIUS
authorization. Enter the access control list in the following
format.

type=string, value="ipacl.[e|s].[in|out] = [ acl-name | acl-number ]
separator macfilter.in = [ acl-name | acl-number ]

Where:

• separator can be a space, newline, semicolon, comma, or

null characater

• ipacl.e is an extended ACL; ipacl.s is a standard ACL.

foundry-MAC-
authent-needs-802x

6

integer

Specifies whether or not 802.1x authentication is required and
enabled.

0 - Disabled

1 - Enabled

foundry-802.1x-valid-
lookup

7

integer

Specifies if 802.1x lookup is enabled:

0 - Disabled

1 - Enabled

foundry-MAC-based-
VLAN-QOS

8

integer

Specifies the priority for MAC-based VLAN QOS:

0 - qos_priority_0

1 - qos_priority_1

2 - qos_priority_2

3 - qos_priority_3

4 - qos_priority_4

5 - qos_priority_5

6 - qos_priority_6

7 - qos_priority_7

Enabling SNMP to configure RADIUS

To enable SNMP access to RADIUS MIB objects on the device, enter a command such as the
following.

device(config)#enable snmp config-radius

Syntax: [no] enable snmp [ config-radius |config-tacacs ]

Enabling SNMP to configure RADIUS

FastIron Ethernet Switch Security Configuration Guide

63

53-1003088-03