Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1086
Views
0
Helpful
2
Replies

AAA with RADIUS on ASA

Go to solution
Kimberly Adams
Level 3
Level 3

‎05-19-2011 09:03 AM - edited ‎03-10-2019 06:06 PM

Hey Everyone,

I am configuring AAA with RADIUS on our remote ASA firewalls.  This is pretty straight forward, but I have some firewalls that this is not working on.  I have upgraded the IOS image on the ASA 5510 to ASA804-K8.BIN on all of them.  The strange part is some of them are working and some of them are not working.

Just wondering if anyone else has come across this before and what info do you need to give me an assist.

Thanks in advance,

Kimberly

Thanks and Cheers! Kimberly Please remember to rate helpful posts.
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Herbert Baerten
Cisco Employee
Cisco Employee

‎05-19-2011 11:35 PM

Hi Kimberly,

just curious: why 8.0.4 and not 8.0.5 ?

What are you using radius for ? What is the radius server? Did you configure all the ASAs on the radius server(s) ? Did you use the correct shared secret?

Is there anything different between the working ASAs and the failing ones? Configuration, location in the network, etc?

If the above doesn't help please post the config of a failing ASA (or at least the relevant parts, and make sure to remove any sensitive data) and the output of:

debug radius

debug aaa authen

debug aaa common 254

You can test just the radius part with the cli command "test aaa-server authentication ..."

hth

Herbert

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Herbert Baerten
Cisco Employee
Cisco Employee

‎05-19-2011 11:35 PM

Hi Kimberly,

just curious: why 8.0.4 and not 8.0.5 ?

What are you using radius for ? What is the radius server? Did you configure all the ASAs on the radius server(s) ? Did you use the correct shared secret?

Is there anything different between the working ASAs and the failing ones? Configuration, location in the network, etc?

If the above doesn't help please post the config of a failing ASA (or at least the relevant parts, and make sure to remove any sensitive data) and the output of:

debug radius

debug aaa authen

debug aaa common 254

You can test just the radius part with the cli command "test aaa-server authentication ..."

hth

Herbert

0 Helpful

Go to solution
Kimberly Adams
Level 3
Level 3
In response to Herbert Baerten

‎06-01-2011 01:22 PM

Herbert,

Thank you for giving me ideas on which direction to head in with this.  I should have checked my team mate's work on adding the firewalls to the RADIUS server.  Now that I have added them in, they are all working great!

Thank you.

Kimberly

Thanks and Cheers! Kimberly Please remember to rate helpful posts.
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents