Configuring an ACL in a RADIUS server
The following information provides general guidelines for configuring a RADIUS server to specify RADIUS-assigned ACLs. It also provides an example configuration for a FreeRADIUS server application. To configure services on a specific RADIUS server application, see the documentation provided with that application.
A RADIUS-assigned ACL configuration in a RADIUS
server includes the following elements:
Nas-Filter-Rule attributes — standard and vendor-specific
ACL configuration, entered in the server, and associated with specific username/password or MAC address criteria, and comprised of ACEs entered in the server
A RADIUS-assigned ACL includes:
One or more explicit
permit
and/ordeny
ACEsAn implicit
deny in ip from any to any
ACE automatically applied after the last operator-created ACE