cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

805
Views
0
Helpful
4
Replies
Dhaf54134
Beginner

AAA FreeRadius problem with IOS XR plateform

Hello Community,

 

to control access to routers in our Backbone, I decided to install a freeRadius Server

all thing are Ok with cisco IOS and IOS XE plateforme but I have an issue with IOS XR platforme.

I launched a debug in my FreeRadius Server when I was trying to connect to the IOS XR router, I noticed that  this string's added to the password account : "\000\005\004\003\002\001"

this's why the Radius server send an access-Reject

I don't Know why, I spent two days to debug this issue withou success.

 

Can anyone help me please ?

4 REPLIES 4
balaji.bandi
VIP Expert

check this thread may help you :

 

https://community.cisco.com/t5/xr-os-and-platforms/ios-xr-and-freeradius/td-p/3795017

 

Can you post XR config to look - is this device authentication with radius right ?

BB

***** Rate All Helpful Responses *****

How to Ask The Community for Help

Hello BB,

thanks for this reply,

you can find bellow radius configuration :

 

radius-server host 172.21.201.161 auth-port 1812 acct-port 1813
key 7 06150A225E4B1D12000E

!
aaa group server radius auth_rad
server 172.21.201.161 auth-port 1812 acct-port 1813
vrf management
!
aaa authorization exec default group auth_rad local
aaa authentication login default group auth_rad local

 

what is the config on freeraidus side what autnetication ?

BB

***** Rate All Helpful Responses *****

How to Ask The Community for Help

Hi BB,

 

am using ntlm_auth by default.

Content for Community-Ad