Re: AAA FreeRadius problem with IOS XR plateform

Dhaf54134 · ‎01-21-2021

Hello Community,

to control access to routers in our Backbone, I decided to install a freeRadius Server

all thing are Ok with cisco IOS and IOS XE plateforme but I have an issue with IOS XR platforme.

I launched a debug in my FreeRadius Server when I was trying to connect to the IOS XR router, I noticed that this string's added to the password account : "\000\005\004\003\002\001"

this's why the Radius server send an access-Reject

I don't Know why, I spent two days to debug this issue withou success.

Can anyone help me please ?

balaji.bandi · ‎01-21-2021

check this thread may help you :

https://community.cisco.com/t5/xr-os-and-platforms/ios-xr-and-freeradius/td-p/3795017

Can you post XR config to look - is this device authentication with radius right ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Dhaf54134 · ‎01-21-2021

Hello BB,

thanks for this reply,

you can find bellow radius configuration :

radius-server host 172.21.201.161 auth-port 1812 acct-port 1813
key 7 06150A225E4B1D12000E

!
aaa group server radius auth_rad
server 172.21.201.161 auth-port 1812 acct-port 1813
vrf management
!
aaa authorization exec default group auth_rad local
aaa authentication login default group auth_rad local

balaji.bandi · ‎01-21-2021

what is the config on freeraidus side what autnetication ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Dhaf54134 · ‎01-23-2021

Hi BB,

am using ntlm_auth by default.