Hello, I am running into some issues getting RADIUS AAA working. I am using a Windows NPS server for RADIUS. I only need to setup a Admin access to this switch. A read-only/monitor profile is not needed.
I can see my authentication attempts being granted on the NPS server. With the correct policy being hit but I am never granted access to the switch. Do I need to send a specific VSA back to the switch to map user roles? I currently am not sending a VSA back to the switch from the RADIUS server.
The one thing that confused me in the Mellanox documentation is the: “aaa authorization map” command. Is this needed for successful authentication? I attempted to add “aaa authorization map default-user admin” however there was no change in behavior.
Current config is very basic:
aaa authentication login default local radius
radius-server host 1.2.3.4
radius-server host 1.2.3.4 key ********
Any help would be greatly appreciated.
Thanks