03-01-2015 01:29 AM - last edited on 03-25-2019 05:32 PM by ciscomoderator
yesterday i succeed to use aaa to login and can see aaa in sh aaa session
https://murison.wordpress.com/2010/11/11/cisco-radius-configuration-with-server-2008-r2/
today i simulate again, it access denied, do not know where is wrong
win 192.168.2.12 --- switch 192.168.2.5 --- 192.168.2.1 R1
R1
conf t
hostname router1
int FastEthernet0/0
ip address 192.168.2.1 255.255.255.0
no shut
end
conf t
ip route 192.168.2.0 255.255.255.0 192.168.2.5
end
enable
configure terminal
enable secret cisco
end
conf t
aaa new-model
username radiusclient privilege 15 password 0 cisco
crypto key generate rsa
ip ssh time-out 60
ip ssh version 2
line vty 0 4
transport input ssh
exit
line vty 5 15
transport input ssh
exit
ip domain-name radius1.local
radius-server host 192.168.2.12
radius-server key cisco
aaa group server radius NPSSERVER
server 192.168.2.12
exit
aaa authentication login default group NPSSERVER local
aaa authorization exec default group NPSSERVER local
exit
R2
conf t
vlan 10
int vlan 10
ip address 192.168.2.5 255.255.255.0
end
conf t
hostname router2
int FastEthernet1/0
switchport
switchport access vlan 10
switchport mode access
shutdown
no shut
end
conf t
hostname router2
int FastEthernet1/1
switchport
switchport access vlan 10
switchport mode access
shutdown
no shut
end
conf t
hostname router2
int FastEthernet1/2
switchport
switchport access vlan 10
switchport mode access
shutdown
no shut
end
R3
conf t
hostname router3
int FastEthernet0/0
ip address 192.168.2.7 255.255.255.0
no shut
end
conf t
ip route 192.168.2.0 255.255.255.0 192.168.2.5
end
03-01-2015 03:35 PM
Hi,
The configuration looks fine. What do you see in radius server as the reason for authentication failure?
Regards,
Kanwal
Note: Please mark answers if they are helpful.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide