- CheckMates
- :
- Products
- :
- CloudMates Products
- :
- Cloud Network Security
- :
- Discussion
- :
- Re: Radius Authentication on VMSS
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Radius Authentication on VMSS
Hi
I have an issue where I am trying to configure Radius auth to the firewalls that will be replicated during a scale out event, is this possible ?
I have considered the possibility of simply adding the clish commands to the autoprov script could this work? any help will be greatly appreciated.
Thank you in advance,
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Try this:
- create a script in the SMS --> vi $FWDIR/conf/autoscaling-new-instance.sh
- add the line below in the shell script:
#! /bin/bash
clish -c 'add aaa radius servers priority 1 host <@IP> port 1812 secret timout 30'
clish -c 'add aaa radius servers default-shell /bin/bash'
clish -c 'add aaa radius servers super-user-uid 0' - Assign the execute permission to the shell script --> chmod u+x $FWDIR/conf/autoscaling-new-instance.sh
- Configure CME and set the relevant template to use this script --> autoprov_cfg set template –tn <CONFIGURATION-TEMPLATE-NAME> –cg $FWDIR/conf/autoscaling-new-instance.sh
You can add other command in the script for automation purpose.
Regards
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Try this:
- create a script in the SMS --> vi $FWDIR/conf/autoscaling-new-instance.sh
- add the line below in the shell script:
#! /bin/bash
clish -c 'add aaa radius servers priority 1 host <@IP> port 1812 secret timout 30'
clish -c 'add aaa radius servers default-shell /bin/bash'
clish -c 'add aaa radius servers super-user-uid 0' - Assign the execute permission to the shell script --> chmod u+x $FWDIR/conf/autoscaling-new-instance.sh
- Configure CME and set the relevant template to use this script --> autoprov_cfg set template –tn <CONFIGURATION-TEMPLATE-NAME> –cg $FWDIR/conf/autoscaling-new-instance.sh
You can add other command in the script for automation purpose.
Regards
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Absolutely awesome, thank you very much for that information, I have been searching for ages for clear concise instructions like that.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Parameter | Value | Description |
---|---|---|
|
CUSTOM_GATEWAY_SCRIPT |
A path of a script on the Management Server that will be run on the gateways after the policy installation. You can add parameters to the script by separating them with spaces. The script should be located in $FWDIR/conf directory, which should only have admin read permissions. For example: " You can set one custom gateway script for each template. If you configure Management Data Plane Separation (MDPS), ensure the script is compatible. |
Adding this for searchability of CME gateway script examples.