Re: AAA Radius - Line has invalid autocommand PPP negotiated

hmartinez05 · ‎05-08-2018

Having an issue setting up Radius.

After configuring the network policy and client, when i login, a message is quickly show and the session disconnected. The message is "Line has invalid autocommand PPP negotiated", what I've been able to test successfully is removing the following command :

aaa authorization exec default group Radius local

Once i do that, i pass login, but have go into exec mode manually.

I've read a few post, the common recommendation is remove "Framed Protocol - PPP" in radius, I've done this. Any suggestions?

AAA commands

aaa new-model

aaa group server radius Radius

Server x.x.x.x auth-port 1812 acct-port 1813

aaa authentication login default group Radius local

aaa authorization exec default group Radius local

radius-server host x.x.x.x auth-port 1812 acct-port 1813 key 0 [key]

tknight@mcelroy.com · ‎08-26-2019

Bump, I have this issue as well. PPP negotiate removed from the radius configuration. Seems to only happen on the newer IOSes.

I'm currently on 152.4 E8

pacsniffing · ‎04-09-2020

I've had partial success with this and found that in AD dial-in properties for the user account had to be set to Control Access through NPS network Policy. With that I was able to access the shell option and go right to enable mode........ but then it started rejecting AD accounts and only allowing 1 account in so back to the drawing board

jayznetwork · ‎02-25-2022

I have the same problem, can you tell me how to remove the frame-protocol ppp from radius?