show user-role
Syntax
show user-role [<ROLE-NAME>] [detailed]
Description
Show users role configuration.
Parameters
- <ROLE-NAME>
Show user roles by role-name.
- <ROLE-NAME> detailed
Show user roles in detail by role-name.
show user-role
Switch#show user-role User Roles Enabled : <Yes/No> Initial Role : denyall Type Name ---------- ------------ local Employee local Guest predefined denyall
show user-role <ROLE-NAME>
switch#show user-role captivePortalwithVSA User Role Information Name : captivePortalwithVSA Type : local Reauthentication Period (seconds) : 0 Untagged VLAN : 610 Captive Portal Profile : use-radius-vsa Policy : cppolicy
show user-role detailed
The example shows how to configure user roles to use Clearpass as a Captive Portal. The Captive Portal URL is specified in a RADIUS VSA.
switch#show user-role captivePortalwithVSA detailed User Role Information Name : captivePortalwithVSA Type : local Reauthentication Period (seconds) : 0 VLAN : 610 Captive Portal Profile : use-radius-vsa URL : (use RADIUS VSA) Policy : cppolicy Statements for policy "cppolicy" policy user "cppolicy" 10 class ipv4 "cppm" action permit 20 class ipv4 "steal" action redirect captive-portal 30 class ipv4 "other" action permit exit Statements for class IPv4 "cppm" class ipv4 "cppm" 10 match tcp 0.0.0.0 255.255.255.255 1.0.9.15 0.0.0.0 eq 80 20 match tcp 0.0.0.0 255.255.255.255 1.0.9.15 0.0.0.0 eq 443 exit Statements for class IPv4 "steal" class ipv4 "steal" 10 match tcp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 eq 80 20 match tcp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 eq 443 exit Statements for class IPv4 "other" class ipv4 "other" 10 match udp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 eq 53 20 match udp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 eq 67 30 match icmp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 exit