I have been at this for days now but can’t figure this out. We have purchased some Dell N2048P switches and I am in the process of setting them up. I have setup radius within the duo web portal for 2FA and the push to my phone with the DUO app works fine and I get logged into the switch. I am using [radius_server_auto] in the authproxy.cfg with client=ad_client. My questions are:
- What line of code do I need to use on these switches to put myself in the Privileged EXEC mode when logging in? I am having to type my local enable password after I get connected. I have asked Dell Support about this and they say this is a function of the Radius server itself that allows this to happen. I am guessing that I maybe add something to the authproxy.cfg to make this happen? Their actual quote is:
The rest of the configuration will need to be done on the RADIUS side, in this case Duo Security. With enable authentication set to RADIUS, as soon as the command enable is issued on the switch, it will then try to authenticate via the RADIUS server. If the RADIUS server is not configured to handle the enable scenario, then you will not be authenticated. I suggest contacting Duo Security, to see if they are able to accommodate enable authentication.
- Logging into into the web interface, I get prompted with the 2FA and I am able to get logged in. However I get a prompt upon logon that says “Please note that you are a level 1 user and do not have configuration privileges. This session is limited to read-only operations.” Any help with this will be appreciated!