qjmmo (qjmmo) asked a question.
Cisco AAA - Okta RADIUS Agent & Application
Hello!
I'm attempting to use Okta RADIUS to authenticate and authorize applicable Network ADMINs access to Cisco networking devices (switches & routers) for device MGMT. It seems like we've gotten the authentication process to work as desired, but we're unsuccessful with the authorization process. Users (NetAdmins) can successfully login (SSH VTY) to the Cisco switch, but can't run any commands due to "Command authorization failed." What RADIUS attributes/IDs are required on the Okta RADIUS application side to facilitate this use case?
Image is not available
Hi @qjmmo (qjmmo) , Thank you for reaching out to the Okta Community.
The Okta docs reference a few Cisco Examples:
https://help.okta.com/en-us/Content/Topics/integrations/fortinet-radius-intg-opt.htm
Don't know if they apply to AAA. My advice would be to check in with CISCO Support as that info is specific to them.
Have a great rest of the day!