show user-role

Syntax

show user-role [<ROLE-NAME>] [detailed]
    

Description

Show users role configuration.

Options

<ROLE-NAME>

Show user roles by role-name.

<ROLE-NAME> detailed

Show user roles in detail by role-name.

show user-role

Switch# show user-role 

 User Roles

  Enabled      : <Yes/No>
  Initial Role : denyall

  Type          Name
  ----------    ------------
  local         Employee
  local         Guest
  predefined    denyall

show user-role <ROLE-NAME>

Switch# show user-role captivePortalwithVSA

User Role Information

Name                              : captivePortalwithVSA
  Type                              : local
  Reauthentication Period (seconds) : 0
  Untagged VLAN                     : 610
  Captive Portal Profile            : use-radius-vsa
  Policy                            : cppolicy

show user-role detailed

The example shows how to configure user roles to use Clearpass as a Captive Portal. The Captive Portal URL is specified in a RADIUS VSA.

Switch# show user-role captivePortalwithVSA detailed

User Role Information
   Name                              : captivePortalwithVSA
   Type                              : local
   Reauthentication Period (seconds) : 0
   VLAN                              : 610
   Captive Portal Profile            : use-radius-vsa
     URL                             : (use RADIUS VSA)
   Policy                            : cppolicy

Statements for policy "cppolicy"
policy user "cppolicy"
     10 class ipv4 "cppm" action permit
     20 class ipv4 "steal" action redirect captive-portal
     30 class ipv4 "other" action permit
   exit

Statements for class IPv4 "cppm"
class ipv4 "cppm"
     10 match tcp 0.0.0.0 255.255.255.255 1.0.9.15 0.0.0.0 eq 80
     20 match tcp 0.0.0.0 255.255.255.255 1.0.9.15 0.0.0.0 eq 443
   exit

Statements for class IPv4 "steal"
class ipv4 "steal"
     10 match tcp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 eq 80
     20 match tcp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 eq 443
   exit

Statements for class IPv4 "other"
class ipv4 "other"
     10 match udp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 eq 53
     20 match udp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 eq 67
     30 match icmp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
   exit