03-23-2019 02:04 AM - edited 03-23-2019 02:07 AM
Hi I am integrating ASR9K with freeradius server for AAA authentication and root-system access. User successfully gets authenticated but unable to configure or see the configuration. Below pasted is my configuration. Can someone help me with this!
CONFIGURATION
=============
radius source-interface Loopback0 vrf default
radius-server host 10.10.10.10 auth-port 1812 acct-port 1646
key 7 my-key-for-server
!
aaa accounting exec RAD start-stop group radius
aaa group server radius RAD
server 10.10.10.10 auth-port 1812 acct-port 1646
source-interface Loopback0
!
aaa authentication login AUTH local group radius
line template vty-radius
users group root-system
users group cisco-support
accounting exec RAD
login authentication AUTH
exec-timeout 10 0
access-class ingress OUT2IN
transport input ssh
cli whitespace completion
!
vty-pool default 0 10 line-template vty-radius
OUTPUT
======
RP/0/RSP0/CPU0:ASR9001-1#show user all
Sat Mar 23 02:05:01.685 GMT
Username: radius-user
Authenticated using method radius
User mhamid has the following Task ID(s):
No task ids available
RP/0/RSP0/CPU0:ASR9001-1#
Solved! Go to Solution.
03-25-2019 06:27 AM
If you may use ISE instead and T+, our TAC team has shared Configure ASR9K TACACS with Cisco Identity Services Engine 2.4 - Cisco
Otherwise, you need to convert that info to RADIUS and FreeRadius equivalent, or check with either ASR9K or FreeRadius support resources.
03-25-2019 06:27 AM
If you may use ISE instead and T+, our TAC team has shared Configure ASR9K TACACS with Cisco Identity Services Engine 2.4 - Cisco
Otherwise, you need to convert that info to RADIUS and FreeRadius equivalent, or check with either ASR9K or FreeRadius support resources.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide