Cisco Firepower Chassis Manager Radius Configuration

There are many configuration guides on the Cisco website with details about configuring RADIUS and TACACS+ on a Cisco Firepower Chassis Manager. See this link for the configuration guide for 2.0(1).

In this document, you can read the following comment:

Remote User Role Policy Controls what happens when a user attempts to log in and the remote authentication provider does not supply a user role with the authentication information:

  • Assign Default Role—The user is allowed to log in with a read-only user role.
  • No-Login—The user is not allowed to log in to the system, even if the username and password are correct.

But… it’s very hard to find what attributes are needed to assign a user the administrator role.

(more…)