Solved: ASR9K radius authenticated user shows "No task IDs available"

Muhammad Hamid Ashraf · ‎03-23-2019

Hi I am integrating ASR9K with freeradius server for AAA authentication and root-system access. User successfully gets authenticated but unable to configure or see the configuration. Below pasted is my configuration. Can someone help me with this!

CONFIGURATION

=============

radius source-interface Loopback0 vrf default
radius-server host 10.10.10.10 auth-port 1812 acct-port 1646
key 7 my-key-for-server
!
aaa accounting exec RAD start-stop group radius
aaa group server radius RAD
server 10.10.10.10 auth-port 1812 acct-port 1646
source-interface Loopback0
!
aaa authentication login AUTH local group radius

line template vty-radius
users group root-system
users group cisco-support
accounting exec RAD
login authentication AUTH
exec-timeout 10 0
access-class ingress OUT2IN
transport input ssh
cli whitespace completion
!
vty-pool default 0 10 line-template vty-radius

OUTPUT
======

RP/0/RSP0/CPU0:ASR9001-1#show user all
Sat Mar 23 02:05:01.685 GMT
Username: radius-user
Authenticated using method radius
User mhamid has the following Task ID(s):

No task ids available
RP/0/RSP0/CPU0:ASR9001-1#

hslai · ‎03-25-2019

If you may use ISE instead and T+, our TAC team has shared Configure ASR9K TACACS with Cisco Identity Services Engine 2.4 - Cisco

Otherwise, you need to convert that info to RADIUS and FreeRadius equivalent, or check with either ASR9K or FreeRadius support resources.

View solution in original post

hslai · ‎03-25-2019

If you may use ISE instead and T+, our TAC team has shared Configure ASR9K TACACS with Cisco Identity Services Engine 2.4 - Cisco

Otherwise, you need to convert that info to RADIUS and FreeRadius equivalent, or check with either ASR9K or FreeRadius support resources.