We have AAA configured as follows
aaa new-model
aaa authentication login default local group radius
aaa authentication enable default enable
aaa authorization exec default group radius if-authenticated
aaa session-id common
It was expected that switch will check the local username first and then Radius server. But it is not checking local username it's getting authenticated by RADUIS. even though default priority is for "local" and then "Radius group".
Please share the experience.
Thanks,
-Subodh