Configuring an ACL in a RADIUS server

The following information provides general guidelines for configuring a RADIUS server to specify RADIUS-assigned ACLs. It also provides an example configuration for a FreeRADIUS server application. To configure services on a specific RADIUS server application, see the documentation provided with that application.

A RADIUS-assigned ACL configuration in a RADIUS server includes the following elements:
  • Nas-Filter-Rule attributes — standard and vendor-specific

  • ACL configuration, entered in the server, and associated with specific username/password or MAC address criteria, and comprised of ACEs entered in the server

A RADIUS-assigned ACL includes:
  • One or more explicit permit and/or deny ACEs

  • An implicit deny in ip from any to any ACE automatically applied after the last operator-created ACE