CLI Config:
aaa on
aaa radius accounting off
aaa method radius 1
aaa method localdb 2
aaa radius host 10.3.18.19 1812 "XXXXXdGVzdGluZ3Nw" 5 5
aaa ldap idletimeout 600
aaa radius group 20
aaa localdb group default "g2"
aaa map group "radq1" "g1"
localdb account "ldu1" "XXXXXXXXXVcCzih8zuGcCg##1290873563"
localdb account "ldu2" "XXXXXXXXXQYffjBiv9PUeM##1290873565"
localdb account "liusheng" "XXXXXXXXXzQo8SggVBp7ZA##1282136084"
localdb group "g1"
localdb group "g2"
localdb member "g1" "ldu1"
localdb acl group "g1" "0 http:10.1.1.1 PERMIT"
localdb acl group "g1" "0 http:10.2.2.2 PERMIT"
Radius:
* add (radg1, Callback-id, =, radq1) in radgrouprely # Callback-id is utf-8 string, refer to http://en.wikipedia.org/wiki/Radius_Values
* sudo vi /etc/freeradius/clients.conf, add
-----------------------------------------
client 10.3.0.0/16 {
secret = testingsp
shortname = arrayoffice
}
Notes:
aaa localdb authorization usedefault # local author, seems that (authen+author didn't affect by this)