Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
971
Views
0
Helpful
1
Replies

ACS3.3 Cannot authenticate using Radius from using an IOS Router

mariocabrejo
Level 1
Level 1

‎08-05-2004 05:45 PM - edited ‎03-10-2019 07:56 AM

Hi All,

I am having issues trying to get my ACS3.3 to authenticate Router users using Radius as the default list, this is the debug on the router(console). It promts for my user and the password and at the end the router shows: "% Backup Authentication"

Please let me know if I am missing something.

Thanks

01:08:16: AAA/AUTHEN/START (2085473922): using "default" list

01:08:16: AAA/AUTHEN/START (2085473922): Method=RADIUS

01:08:16: AAA/AUTHEN (2085473922): status = GETUSER

01:08:18: AAA/AUTHEN/CONT (2085473922): continue_login (user='(undef)')

01:08:18: AAA/AUTHEN (2085473922): status = GETUSER

01:08:18: AAA/AUTHEN (2085473922): Method=RADIUS

01:08:18: AAA/AUTHEN (2085473922): status = GETPASS

01:08:19: AAA/AUTHEN/CONT (2085473922): continue_login (user='admin')

01:08:19: AAA/AUTHEN (2085473922): status = GETPASS

01:08:19: AAA/AUTHEN (2085473922): Method=RADIUS

01:08:19: RADIUS: ustruct sharecount=1

01:08:19: RADIUS: Initial Transmit tty2 id 68 192.168.1.7:1645, Access-Request,

len 76

01:08:19: Attribute 4 6 08080808

01:08:19: Attribute 5 6 00000002

01:08:19: Attribute 61 6 00000005

01:08:19: Attribute 1 7 61646D69

01:08:19: Attribute 31 13 3139322E

01:08:19: Attribute 2 18 4B147A78

01:08:24: RADIUS: Retransmit id 68

01:08:29: RADIUS: Retransmit id 68

01:08:34: RADIUS: Retransmit id 68

01:08:39: RADIUS: No response for id 68

01:08:39: RADIUS: No response from server

01:08:39: AAA/AUTHEN (2085473922): status = ERROR

01:08:39: AAA/AUTHEN/START (2274727154): port='tty2' list='' action=LOGIN servic

e=LOGIN

01:08:39: AAA/AUTHEN/START (2274727154): Restart

01:08:39: AAA/AUTHEN/START (2274727154): no methods left to try

01:08:39: AAA/AUTHEN (2274727154): status = ERROR

01:08:39: AAA/AUTHEN/START (2274727154): failed to authenticate

01:08:41: AAA/AUTHEN: free_user (0x60B96E74) user='admin' ruser='' port='tty2' r

em_addr='192.168.1.7' authen_type=ASCII service=LOGIN priv=1

01:08:41: AAA: parse name=tty2 idb type=-1 tty=-1

01:08:41: AAA: name=tty2 flags=0x11 type=5 shelf=0 slot=0 adapter=0 port=2 chann

el=0

01:08:41: AAA/AUTHEN: create_user (0x60B96E74) user='' ruser='' port='tty2' rem_

addr='192.168.1.7' authen_type=ASCII service=LOGIN priv=1

01:08:41: AAA/AUTHEN/START (2811864077): port='tty2' list='' action=LOGIN servic

e=LOGIN

01:08:41: AAA/AUTHEN/START (2811864077): using "default" list

01:08:41: AAA/AUTHEN/START (2811864077): Method=RADIUS

01:08:41: AAA/AUTHEN (2811864077): status = GETUSER

Labels:
0 Helpful
1 Reply 1

gfullage
Cisco Employee
Cisco Employee

‎08-05-2004 08:57 PM

This is your problem:

01:08:24: RADIUS: Retransmit id 68

01:08:29: RADIUS: Retransmit id 68

01:08:34: RADIUS: Retransmit id 68

01:08:39: RADIUS: No response for id 68

01:08:39: RADIUS: No response from server

The router hasn't seen any response from the ACS server, and so goes to the backup authentication method. You need to check network connectivity between the router and the ACS server. Check the Failed Attempts log on the ACS server.

0 Helpful
Customers Also Viewed These Support Documents