cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

422
Views
0
Helpful
1
Replies

ASR9K radius authenticated user shows "No task IDs available"

Hi I am integrating ASR9K with freeradius server for AAA authentication and root-system access. User successfully gets authenticated but unable to configure or see the configuration. Below pasted is my configuration. Can someone help me with this!

 

CONFIGURATION

=============

radius source-interface Loopback0 vrf default
radius-server host 10.10.10.10 auth-port 1812 acct-port 1646
key 7 my-key-for-server
!
aaa accounting exec RAD start-stop group radius
aaa group server radius RAD
server 10.10.10.10 auth-port 1812 acct-port 1646
source-interface Loopback0
!
aaa authentication login AUTH local group radius

line template vty-radius
users group root-system
users group cisco-support
accounting exec RAD
login authentication AUTH
exec-timeout 10 0
access-class ingress OUT2IN
transport input ssh
cli whitespace completion
!
vty-pool default 0 10 line-template vty-radius


OUTPUT
======

RP/0/RSP0/CPU0:ASR9001-1#show user all
Sat Mar 23 02:05:01.685 GMT
Username: radius-user
Authenticated using method radius
User mhamid has the following Task ID(s):

No task ids available
RP/0/RSP0/CPU0:ASR9001-1#

1 ACCEPTED SOLUTION

Accepted Solutions
hslai
Cisco Employee

If you may use ISE instead and T+, our TAC team has shared Configure ASR9K TACACS with Cisco Identity Services Engine 2.4 - Cisco

Otherwise, you need to convert that info to RADIUS and FreeRadius equivalent, or check with either ASR9K or FreeRadius support resources.

View solution in original post

1 REPLY 1
hslai
Cisco Employee

If you may use ISE instead and T+, our TAC team has shared Configure ASR9K TACACS with Cisco Identity Services Engine 2.4 - Cisco

Otherwise, you need to convert that info to RADIUS and FreeRadius equivalent, or check with either ASR9K or FreeRadius support resources.

View solution in original post

Content for Community-Ad