G450 Media Gateway: Cannot login to G450 using RADIUS authentication


Doc ID    SOLN236083
Version:    9.0
Status:    Published
Published date:    30 Oct 2024
Created Date:    06 Sep 2013
Author:    tbokor

Details

G450, any firmware

Also applies to G430

Problem Clarification

Cannot log in to the G450 using RADIUS authentication:

  • The gateway receives the login details via the CLI
  • The gateway sends the login details to the RADIUS server
  • The RADIUS server accepts the provided credentials and responds with OK to the gateway
  • The gateway still does not permit the login

Scenario 2: The Avaya G450 media gateway does not work with an Aruba ClearPass RADIUS server due to compatibility issues. No tested environment was found for an Aruba switch with the G450; the customer engaged an Aruba engineer to update the dictionary file in order to make it work.

Cause

The response from the RADIUS server does not contain the vendor-specific attribute for vendor ID 2167 (Cajun-Service-Type).

Solution

The response from the RADIUS server must contain the vendor-specific attribute for vendor ID 2167 (Cajun-Service-Type).
This attribute tells the G450 the user's access level:

See page 4 in
https://downloads.avaya.com/elmodocs2/p330/P330/Configuring%20Steel.pdf
ATTRIBUTE Cajun-Service-Type 26 [vid=2167 type1=1 len1=6 data=integer] R
VALUE Cajun-Service-Type Cajun-Read-Only-User 1
VALUE Cajun-Service-Type Cajun-Read-Write-User 2
VALUE Cajun-Service-Type Cajun-Admin-User 3

and page 2 in
https://downloads.avaya.com/elmodocs2/p330/P330/Configuring%20FreeRadius.pdf
VENDOR Cajun_p330 2167
ATTRIBUTE Cajun-Service-Type 1 integer Cajun_p330
VALUE Cajun-Service-Type Cajun-Read-Only-User 1
VALUE Cajun-Service-Type Cajun-Read-Write-User 2
VALUE Cajun-Service-Type Cajun-Admin-User 3
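
To confirm whether an Access-Accept actually carries this attribute, the raw reply captured between the RADIUS server and the gateway can be checked with the following added example. It is not taken from the Avaya documents referenced here; the function names and sample packets are constructed for illustration, and the packet layout follows RFC 2865.

```python
import struct

CAJUN_VENDOR_ID = 2167        # vid=2167 from the dictionary entries above
CAJUN_SERVICE_TYPE = 1        # vendor type (type1=1), vendor length 6 (len1=6)
LEVELS = {1: "Cajun-Read-Only-User", 2: "Cajun-Read-Write-User", 3: "Cajun-Admin-User"}
ACCESS_ACCEPT = 2             # RADIUS packet code (RFC 2865)
VENDOR_SPECIFIC = 26          # RADIUS attribute type (RFC 2865)


def cajun_service_type(packet: bytes):
    """Return the access-level name in an Access-Accept, or None if absent or malformed."""
    if len(packet) < 20:
        return None
    code, _ident, length = struct.unpack("!BBH", packet[:4])
    if code != ACCESS_ACCEPT or length < 20 or length > len(packet):
        return None
    pos = 20  # skip code, identifier, length and the 16-byte authenticator
    while pos + 2 <= length:
        atype, alen = packet[pos], packet[pos + 1]
        if alen < 2 or pos + alen > length:
            return None  # malformed attribute
        value = packet[pos + 2:pos + alen]
        pos += alen
        if atype != VENDOR_SPECIFIC or len(value) < 4:
            continue
        if struct.unpack("!I", value[:4])[0] != CAJUN_VENDOR_ID:
            continue  # another vendor's VSA
        sub = value[4:]
        # Walk the vendor sub-attributes: vendor type, vendor length, data.
        while len(sub) >= 2:
            vtype, vlen = sub[0], sub[1]
            if vlen < 2 or vlen > len(sub):
                break
            if vtype == CAJUN_SERVICE_TYPE and vlen == 6:
                return LEVELS.get(struct.unpack("!I", sub[2:6])[0])
            sub = sub[vlen:]
    return None


def build_accept(attrs: bytes) -> bytes:
    """Constructed sample packet: Access-Accept with a zeroed authenticator."""
    return struct.pack("!BBH", ACCESS_ACCEPT, 1, 20 + len(attrs)) + bytes(16) + attrs


# Constructed samples: a reply with only the standard Service-Type attribute,
# and a reply that also carries Cajun-Service-Type = Cajun-Admin-User (3).
NO_VSA = build_accept(bytes([6, 6]) + struct.pack("!I", 6))
WITH_VSA = build_accept(bytes([26, 12]) + struct.pack("!I", 2167)
                        + bytes([1, 6]) + struct.pack("!I", 3))
```

A result of None for a reply the server logged as accepted matches the cause described above: the credentials were valid, but the gateway was given no access level.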

Also see this Application Notes document:

https://downloads.avaya.com/css/P8/documents/100017966

 

The G450 provides the following three privilege levels:

● Read-only. You can use the Read-only privilege level to view configuration parameters.

● Read-write. You can use the Read-write privilege level to view and change all configuration parameters except those related to security. For example, you cannot change a password with Read-write privilege level.

● Admin. You can use Admin privilege level to view and change all configuration parameters, including parameters related to security. Use Admin privilege level only when you need to change configuration that is related to security, such as adding new user accounts and setting the device policy manager source.

The default username has the Admin privilege level. For security reasons, the network administrator usually changes the password of the default username.

For more information about privilege levels, see Avaya G450 CLI Reference, 03-602056. (https://downloads.avaya.com/css/P8/documents/100041739)

Additional Relevant Phrases

G450 User Level

The configuration steps for FreeRADIUS are documented here: http://qualityrules@info.dr.avaya.com/cgi-bin/defty/mg/wiki?Radius_Testing

Avaya -- Proprietary. Use pursuant to the terms of your signed agreement or Avaya policy