Authentication/authorization GANYMEDE + based on the subnet of the user

Hi guys/girls

We have number of speeds of production, which are configured with Ganymede cisco + and all their work very well. But now I have an obligation to implement SSH-ver2 across the network, consist of about 8000 cisco gear.

I need to develop a proof of concept (POC), that activate SSH to gears production will not affect Ganymede + existing and authorized user authentication.

In our lab cisco gear, it was already configured with Ganymede + production for authentication and authorization server. Now, I am allowed to test SSH on these machines in the lab but I without disrupting other users who use the same laboratory-gears.

So, I want to activate SSH version 2 on these machines in lab-however, when the user from a certain specific subnet, this user must be authenticated and authorized by the LABORATORY Ganymede +, but no production Ganymede +, however please note that lab-gears, that I'm testing with also already configured for production Ganymede + server as well. These devices in the laboratory must be able to do authentication and authorization of two different Ganymede + server based on subnet of users that he or she coming.

Is - this plan is feasible? I am looking for documentation to implement the test of this method, is not successful.

Your comments will be appreciated and evaluated.

Thank you

Rizwan James

Adely,

It won't work, the Ganymede authentication begins once the ssh connection is established, the n (router or switch) will open a Ganymede connection and send the start indicator to the RADIUS server in which the 'getusername' message is sent from the RADIUS server to the device and the user terminal. You cannot create an acl in order to choose which Ganymede servers you can authenticate either. When it comes to authenticate users from a specific subnet to a server specific RADIUS which is not the design of Ganymede, when you configure multiple servers in a group is to ensure high availability such that when a Ganymede server goes down you have a secondary school continue with authentication requests from the.

Here is an example of how the RADIUS authentication is performed.

http://www.Cisco.com/en/us/Tech/tk59/technologies_tech_note09186a0080094e99.shtml#comp_traffic

Thank you and I hope this helps.

Tarik Admani
* Please note the useful messages *.

Tags: Cisco Security

Similar Questions

  • Hide a metadata profile based on the user role.

    Hi all

    I need to hide a metadata profile (log, update) based on the user role page. I have added metadata to a rule like "change" and added the rule to the profile. Now I want the metadata submitted must be visible for couple of user roles (admin, contributor) and it should be hidden for other user roles. How to achieve this?

    The content Server: 11.1.1.8

    Thank you

    Maury

    (1) create a rule that allows you to hide the metadata for all roles

    (2) create a new one which will show use the condition of activation of rule with building userHasRole("contributor")

  • Apex, language of login page set after the connection based on the user pref browser lang and application-based

    Hello

    Request Express 4.2.3.00.08

    I created an application of multi languaguage in which the language is defined by setting: FSP_LANGUAGE_PREFERENCE

    But the login page, I would like to than the login page to be displayed in the browsers language.

    The url of the application connection looks like as shown below but the & BROWSER_LANGUAGE. product always (English).

    f? p = & APP_ID.:LOGIN_DESKTOP: & SESSION. : FSP_LANGUAGE_PREFERENCE: & BROWSER_LANGUAGE.


    LOGIN_DESKTOP is an intermediate page that has one before branch header for the page of real connection if the FSP_LANGUAGE_PREFERENCE is set prior to the loading of the page.

    If I set the language set in this URL, it works as expected:

    f? p = & APP_ID.:LOGIN_DESKTOP: & SESSION. : FSP_LANGUAGE_PREFERENCE:nl - page Login Show in NL

    f? p = & APP_ID.:LOGIN_DESKTOP: & SESSION. : FSP_LANGUAGE_PREFERENCE:-see the login page in EN

    When I put the application to choose the language based on the browser language that it works, but then I am not able to have users to save their preferences for the next time they are connected.

    Any ideas on why & BROWSER_LANGUAGE. translates by "in" even though the language in the browser is different?

    See you soon

    Bottom

    OK, he stares at me

    For all those interested, this is how.

    Create a page additional empy (with alias page LOGIN_FORWARD_PAGE) and set the url to connect to the application of this new page and set the value of the application on BRANCH_TO_PAGE_ACCEPT:

    f? p = & APP_ID.: LOGIN_FORWARD_PAGE: & SESSION. : BRANCH_TO_PAGE_ACCEPT:

    On the page to create a pl/sql process submit before calculations similar to one below which affect the en language, if the browser is not NL (in Dutch):

    If upper (substr (owa_util.get_cgi_env ('HTTP_ACCEPT_LANGUAGE'), 1, 2)) = "NL" then

    : FSP_LANGUAGE_PREFERENCE: = "nl";

    on the other

    : FSP_LANGUAGE_PREFERENCE: = 'en ';

    end if;

    And create a branch to submit before the treatment which redirects to the current login page (the value of FSP_LANGUAGE_PREFERENCE is then already set and the application is configured to use this setting).

    After that loging in you can extract the FSP_LANGUAGE_PREFERENCE based on the user.

    BTW, I had to switch to 4.2.5 there in 4.2.3 is a bug preventing to set session state when you use BRANCH_TO_PAGE_ACCEPT!

  • How to highlight a line in IR based on the user name

    Hello
    What is the best way to highlight a line in an IR, based on the user name. IE APP_USER.
    Suppose that if an APP_USER connect to the application, the line corresponding to the APP_USER international registration should only be highlighted.
    (The button change is not visible in IR)

    Hello

    Value of APP_USER is uppercase. Your name column values are lowercase.
    Example of code I have after string comparison is case-sensitive.

    I don't have to change your action Dynamics example JavaScript to convert the value of the cell uppercase

    this.affectedElements.find('table.apexir_WORKSHEET_DATA td[headers="NAME"]').each(function(i){
    var lThis=$(this);
    if(lThis.text().toUpperCase()=="&APP_USER."){
        lThis.parent().children().css({"background-color":"#55A955"});
    }
});

    Now, it should work

    Kind regards
    Jari
    -----
    My Blog: http://dbswh.webhop.net/htmldb/f?p=BLOG:HOME:0
    Twitter: http://www.twitter.com/jariolai

  • Based on the user dashboard sign on

    Hello

    I have to design a dashboard page that loads based on Department and users. The modules is in a table, the table has two columns, username and the Department.

    NOTE: There must be a dashboard page, but the content must be different depending on the user that connects.

    Department of user name
    User1 sales
    User2 sales
    The util_3 sales
    ACCT user4
    USER5 Acct
    Utilisateur6 Mktg
    USER7 Mktg

    .....

    How to start this project? Help, please.

    Thank you.

    Hello
    Create groups based on departments to the RPD, to groups such as sales, accounting, marketing etc... Assign users to specific groups (this means Department underspecific users). Create these groups in the web under manage Presentation catalog groups and users.
    Now, create a page with section per group.
    I mean
    Section1 - sales
    Section 2 - accounts
    Section3 - Marketing
    etc...
    I mean applying security for sections (section per group) properties of the section-> permissions and give access to a section specific to the specific group (remove the Everyone group) as I mentioned above.
    Now place the tha reports in sections according to your requirement. Sales in the sales section reports, accounts in the section and so on.

    If you want to create a report based on this table (user & dept). Apply security at the level of the table data in the presentation layer of RPD (right click-> properties -? permissions-> Filter tab), the value of dept assignment specific to a specific group, that filters the data in the dept column based on the user login.

    Hope this helps you :-)

    Kind regards
    Srikanth

  • Show/Hide button, based on the user variable

    I have a variable "videoDone" which is set to 1 when the SWF on my Captivate slide is completed.

    My next button is hidden when the slide is displayed (Next hidden if the button videoDone = 0)

    How to make the next visible button without having the user to interact with something on the slide? I want to not visible when videoDone = 1?

    I can make it appear if I add a button to the screen that has a fast action (if videoDone = 1 show Next_button) but I want the next button to simply appear.

    You need an event to trigger an action, and Captivate has no time-based events. It is impossible with the timeline?

    Events / Actions (Advanced) - Captivate blog

  • Change the command prompt based on the user login

    Hello

    I work in 11.1.1.5(11g) OBIEE. In my environment, OBIEE is integrated with OAM and user gets if authenticate in the OID Database.I a requirement where in cases that we have two users(user1,user2) and guest (prompt1, 2 guest)

    Example:
    If 1 1 user login prompt should get the display and 2 2 so quick connection of the user should get a good view.

    Can anyone help on this?

    Thank you
    Padmini

    With the help of the Administration-> catalog manage set permissions at the prompt and add the page. Based on the permissions that they might see respective guests

    If brand aid

  • display based on the user

    Hi Experts,

    I have a requirement where I need to show the screen based on the logged in user.

    http://localhost:9000 web /-determinations9000/enquete/customrule/fr-u.s./attribut ~ interview_complete ~ global ~ global? user = comments

    If the user is prompted then 1 SCREEN appears
    If the user is not prompted SCREEN 2 is displayed.

    How this functionality can be achieved.
    The pointers will be of great help.

    Kind regards
    Sameer

    You are right to make this need to enter the user name in the session of rules somehow. So, there are 2 problems:
    1. the representation of the user in the session of rules
    2. how to manage the display of the different screens

    About 1, create a global attribute for the user name. The "user = comments" you see in the URL for OWD is not really used for anything anyone internally. The SecurityService does not work in the OPA at the present time. The user name (security token) is passed to the InterviewEngine at the time of session creation, but is not used. So to access that piece of information you can possibly create an OnRequireSessionEventHandler that you provide the user information and then create your own session and fill the username in the new session. (Ideally, you would use an OnSessionCreatedEventHandler but you do not have access to the SecurityToken recalled). Another option is to set up an OnRequestEventHandler and direct access to the web query to get the user name and write it in the session.

    2, regarding if it is a question that should be displayed differently for users, and then as you suggest a screen flow branching on the user name could then be used, or if you do not use the screen flows and instead to use attribute goals then use procedural rules to manage navigation. If this is the summary screen which should vary then, you place all the controls for each user in folders and apply attributes of visibility to the folder level to achieve the desired effect. (depending on how complicated and different screens 2 question are that you can use attributes of visibility on every control, i.e. to put the two logical screens in 1 OPA screen, just hide the irrelevant controls for specific user)

    Hope that helps.

  • Approver dynamic groups based on the user of the input values

    Hi all
    I need to create groups for approval in SOUL based on the input values by the user in a special SIT.
    For Ex: If the user eneters 'Yes' for a particular segment, I need to send a set of approvers and the user eneters 'no', so I need to send another group of approvers. Please let me know how it can be obtained by the SOUL.

    Thank you
    REDA

    Hello

    1 define an attribute in the SOUL who reads this segment of the table of transactions of SSHRC.
    2. create the conditions and rules based on this attribute to change permissions.

    Kind regards
    Laulagnet

  • Hide sections in the dashboard based on the user group

    Hello everyone

    Can I find out if certain sections of the dashboard can be hidden using guided the usergroup-based navigation? Links to this topic... I appreciate.

    Thanks in advance

    Hello

    guided navigation is the way to go. Now, you think to demand that triggers the guided navigation.
    Now, you can not use double in a normal request in OBIEE. If you need to use an existing column in a topic area:
    (1) for example, add column 'Calendar year' of the size of your time at your request.
    (2) add the same column at your request.
    3) click on the fx in the second column column, to change the formula.
    (4) modify the formula to: LOCATE ('GroupName', VALUEOF (NQ_SESSION. GROUP OF))
    The value in this column will be 0 when the user is not a member of GroupName and > 0 when it is a member of GroupName.
    (5) add a filter on the column: LOCATE ('GroupName', VALUEOF (NQ_SESSION. GROUP)) is equal to 0.

    Check the results:
    When the X user is member of GroupName, demand will cause no line. When the user X is not a member of GroupName, it won't.

    A note: when using 'A' as a groupname, you will have problems with this, because 'A' is also in "Administrators".

  • Dynamic columns based on the user login

    Dear Experts,

    Is it possible to display the columns dynamically according to the connection of the BI Publisher user?

    For example, if the report of RTF model has 10 columns in total and if I connect with a user named "abc", I should be able to see, say 6 columns containing information about the user "abc".

    And if I have connection with "xyz", I should be able to see, say 7 columns containing information about the user "xyz".

    I will be able to assign to which column should be displayed to the user who?

    If there is a way to achieve this scenario, please let me know as soon as possible, since there is an urgent need.

    Your help will be very appreciated.

    Thanks in advance!

    Yes, using: xdo_user_name in the SQL data model, you can get the details for user identification.

    Then use this model column RTF for display of the dynamic columns.

    Example:

    Select: xdo_user_name as USER_ID of the double

    In RTF

    Column header

    Column data

  • Show/hide fields based on the user's selection

    I know little of Javascript, but my first attempts to integrate it in Acrobat are bothersome. I have created a simple form where the user via a check box the number of people that he or she must register, then the form shows that several fields to complete. I tried to make it work with a single field, before I add more.

    In this example, I'm trying just to get the second hidden registered field if the user checks only 1 person to register. (I already know that I have issues when it comes to hide several fields).

    If (event.target.value == "0") {}

    this.getField("Registrant2").display = display.hide;

    }

    Given that I do not know what is the value of exports, try this:

    If (event.target.value! == 'Off') {}

    this.getField("Registrant2").display = display.hidden;

    }

    You can add an else clause so that the field is displayed when the check box is not selected:

    If (event.target.value! == 'Off') {}

    this.getField("Registrant2").display = display.hidden;

    } else {}

    this.getField("Registrant2").display = display.visible;

    }

    If this does ' t work, you don't maybe not the correct domain name. Verify that the console (Ctrl + J) to see all JavaScript errors are reported.

  • Home page by default for OBIEE 11 g based on the users and the wise group

    Hi all

    I'm using OBIEE 11 g.

    I need set the page default dashboard for the user and the wise group.

    EX:

    User1 is belongs to Group1 and Role1 - they need to see the default homepage as Dashboard1.

    User2 is belongs to the Group 2 and Role2 - they need to see the default homepage as Dashboard2.

    Kindly guide me to achieve.

    Please answer as soon as POSSIBLE.

    Thanks in advance.

    RR

    It is generally considered poor form to scream as soon as POSSIBLE to a question. http://www.CatB.org/ESR/FAQs/smart-questions.html

    As far as your question goes, it is that the CHEMINPORTAIL variable is for:

    http://docs.Oracle.com/CD/E23943_01/bi.1111/e10540/variables.htm#i1013436

    OBIEE - system (reserved variables) session variables | GerardNico.com (BI, OBIEE, data warehouse and OWB)

  • Filter drop-down list based on the user's input:

    Hello

    I have the list of the 50 States of the United States in the drop-down list.

    Ex: alabama

    Alaska

    Arizona

    Arkansas

    Lousiana

    When the user types 'a' in the drop down menu, the drop-down list should automatically expand and list only in alabama, alaska, arizona.

    When the user types "al", the drop-down list should be further refined to alabama and alaska.

    What I see is when the user types 'al', the list of jumps to lousiana and I won't.

    I think I should fight with javascript written on the drop-down list change event. It would be awesome if someone already have the solution to filter the list according to the user types in each letter.

    Thank you

    KC

    Hello

    Bruce has a very good explanation about it.

    This thread may help you. http://forums.Adobe.com/thread/518910?TSTART=0

    Thank you

    Sidonie.

  • Tax calculation based on the user in the box input and displaying the result.

    Thanks to WhyIsThisMe for starting me on my first draft script & Jono! I'm almost there with my purchase requisition form (90% manufactured from the tutorial).  Everything works except for the taxable column

    form.JPG

    I can't understand the correct syntax to check the value of the checkbox in the column taxable and then do the math for the tax based on user input in the field % tax

    (total * stateTaxPercent / 100)

    Essentially, I want to make the calculation only the taxable = 1, and then display the cumulative tax in the tax field.

    Should I use mouseup as trigger to perform the calculation of the tax and save the result as a variable and displays the variable in the tax field? Then if another taxable box gets checked, I could add the new calculation of the variable. Not sure whether in an elegant way to get there.

    ?

    I would put the following text in the change event of each taxable check box (in formcalc):

    If ($ == 1) then

    tax = tax + (amount * 0,0825)

    ElseIf ($ == 0) then

    tax = tax - (quantity * 0,0825)

    endif

    (where 'tax' is what you called your total tax box and the 'amount' is what you called your box of price).

Maybe you are looking for