aaa authentication port-access radius-override
aaa authentication port-access radius-override {enable | disable}
no aaa authentication port-access radius-override {enable | disable}
Description
Enables or disables radius-override support at the interface context. When radius-override support is enabled, a new RADIUS overridden role is created with a combination of LUR/DUR along with RADIUS attributes for the corresponding client-role attributes such as VLANs
The no form of this command disables the support for radius-override.
The radius-override support is applicable only for Auth-role.
Usage
The following table describes the access-response for the combination of roles with radius-override enabled and disabled:
|
Combination of roles in Access-Accept |
Action with radius-override disabled |
Action with radius-override enabled |
|---|---|---|
|
Local User Role and RADIUS attributes |
Local User Role is applied |
New RADIUS Overridden role with Local User Role and RADIUS attributes is created and applied |
|
Downloadable User Role and RADIUS attributes |
Downloadable User Role is applied |
New RADIUS Overridden role with Downloadable User Role and RADIUS attribute is created and applied |
|
Local User Role and Downloadable User Role |
Local User Role is applied |
Local User Role is applied |
|
Local User Role, Downloadable User Role, and RADIUS attributes |
Local User Role is applied |
New RADIUS Overridden role with Local User Role and RADIUS attributes is created and applied |
Examples
Enabling radius-override support:
Disabling radius-override support:
Command History
|
Release |
Modification |
|---|---|
|
10.08 |
Command introduced |
Command Information
|
Platforms |
Command context |
Authority |
|---|---|---|
|
6200 6300 6400 |
config-if |
Administrators or local user group members with execution rights for this command. |
