Re: AAA taking 20 secs to send the packet to radius server

khursheed.siddiqui · ‎06-25-2004

I have the following config. With this it is taking 20 sec to authenticate a user. I have looked the radius server running on linux it gets the packets approx in 20 sec and processes the request right away. Why cisco is taking 20 sec to send this packet.

aaa authentication login default group radius enable

aaa authentication login linmethod group radius enable

aaa authentication login vtymethod group radius enable

aaa authentication login conmethod group radius enable

aaa authentication enable default group radius enable

aaa authorization exec default if-authenticated group radius local

aaa accounting delay-start

aaa accounting exec default start-stop group radius

aaa accounting network default start-stop group radius

aaa accounting connection default start-stop group radius

aaa accounting system default start-stop group radius

aaa session-id common

Richard Burts · ‎06-25-2004

You have given us the authentication section of the config that includes 4 various ways to authenticate login processes. Could you post what in the router config uses each one? And could you tell us whether it takes 20 seconds to send to the server for all of them or which one is slow?

Also it would be very helpful if you would post the part of the config where you define the radius servers and any timeouts that are configured.

It sounds like the Cisco gets the attempt to login, is trying something, waits for it to time out, and then tries something else and sends to the radius server.

HTH

Rick