cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1661
Views
0
Helpful
4
Replies

AAA FreeRadius problem with IOS XR plateform

Dhaf54134
Level 1
Level 1

Hello Community,

 

to control access to routers in our Backbone, I decided to install a freeRadius Server

all thing are Ok with cisco IOS and IOS XE plateforme but I have an issue with IOS XR platforme.

I launched a debug in my FreeRadius Server when I was trying to connect to the IOS XR router, I noticed that  this string's added to the password account : "\000\005\004\003\002\001"

this's why the Radius server send an access-Reject

I don't Know why, I spent two days to debug this issue withou success.

 

Can anyone help me please ?

4 Replies 4

balaji.bandi
Hall of Fame
Hall of Fame

check this thread may help you :

 

https://community.cisco.com/t5/xr-os-and-platforms/ios-xr-and-freeradius/td-p/3795017

 

Can you post XR config to look - is this device authentication with radius right ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Hello BB,

thanks for this reply,

you can find bellow radius configuration :

 

radius-server host 172.21.201.161 auth-port 1812 acct-port 1813
key 7 06150A225E4B1D12000E

!
aaa group server radius auth_rad
server 172.21.201.161 auth-port 1812 acct-port 1813
vrf management
!
aaa authorization exec default group auth_rad local
aaa authentication login default group auth_rad local

 

what is the config on freeraidus side what autnetication ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Hi BB,

 

am using ntlm_auth by default.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: