The authentication policy is working fine. Its the authorization policy that is not working fine.
-------------------------------------------
Original Message:
Sent: Dec 01, 2025 06:09 PM
From: mkk
Subject: Comware 7 radius user login using Cisco ISE not working.
Seems like you missed the authentication policy? Sadly can't help you on the Cisco ICE configuration.
C2-Vertrouwelijk
Original Message:
Sent: 12/1/2025 4:03:00 PM
From: capricorn80
Subject: RE: Comware 7 radius user login using Cisco ISE not working.
I dont have Tacas license
I tried this but still getting error.
Access Type = ACCESS_ACCEPT
H3C-Exec-Privilege = 3
This the error I can see on Cisco ISE
15011 Authorization Policy not configured
15019 Could not find selected Authorization Profiles
| Returned RADIUS Access-Reject |
|
Original Message:
Sent: Dec 01, 2025 03:31 PM
From: mkk
Subject: Comware 7 radius user login using Cisco ISE not working.
I think you can better choice for TACACS+ but RADIUS is also possible off course.
Radius Enforcement:
Type: Radius:H3C
Name: H3c-Exec-Privilege
Value = Manage (3)
3=admin
0=readonly
Example is based on Comware 5
------------------------------
Marcel Koedijk | MVP Expert 2024 | ACEP | ACMP | ACCP | ACDP | Ekahau ECSE | Not an HPE Employee | Opinions are my own
Original Message:
Sent: Dec 01, 2025 09:28 AM
From: capricorn80
Subject: Comware 7 radius user login using Cisco ISE not working.
Hi!
Anyone using Cisco ISE for Comware 7 radius admin login?
My radius configuration looks ok on the switch and the request is reaching Cisco ISE but I am getting error with authorization error -> Could not find selected Authorization Profiles.
I have tried different settings but nothing worked so far.
Access Type = ACCESS_ACCEPT
Service-Type = 6
H3C-User-Group = network-admin
Access Type = ACCESS_ACCEPT
Service-Type = 6
cisco-av-pair = "shell:roles=\"network-admin\""
Also tried few more but nothing worked so far.
If someone can help with this.
Thanks
-------------------------------------------