Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
441
Views
0
Helpful
1
Replies

AAA authentication problem

a.srivastav
Level 1
Level 1

‎05-18-2011 01:23 AM - edited ‎03-10-2019 06:05 PM

Hi,

I have configured the cisco 2960 switch with AAA & the radius server is free radius. I am able to login into the switch when radius server is working.

But when radius server is not reachable, in that particular condition the switch doesn't move to local authentication configured on the switch.

Please check the below configuration of the switch & help me to sort out this issue.

aaa new-model
aaa group server radius radiuss
server 10.1.0.215 auth-port 1812 acct-port 1813
!
aaa authentication login default group radiuss enable
aaa authentication login CONSOLE local
aaa authentication enable default group radius
aaa authorization exec default group radius if-authenticated

radius-server host 10.1.0.215 auth-port 1812 acct-port 1813 key 7 071F285C422948514117171

radius-server retransmit 2

line con 0
exec-timeout 5 0
privilege level 15
password 7 14341B1B7D6F0417626173455E47060F
login authentication CONSOLE
line vty 0 4
access-class 91 in
exec-timeout 5 0
password 7 106D004F2C3B7B7F757E6A64812812d
transport input ssh
line vty 5 15
access-class 91 in
exec-timeout 5 0
password 7 106D000A061845jsajtqwkd327E6A64
  transport input ssh

Thanks

Labels:
0 Helpful
1 Reply 1

Nicolas Darchis
Cisco Employee
Cisco Employee

‎05-18-2011 10:59 PM

aaa authentication login default group radiuss enable

you need to add "local" at the end if I'm not mistaken

0 Helpful
Customers Also Viewed These Support Documents