sorry for the delayed reply i

ryancisco01 · ‎11-17-2015

Hi guys,

I am having a problem with our RADIUS and some new 1000v Switches. The issue is, the switches are not sending a NAS ID, this is required by the policy server. All our other cisco devices are workign fine, I can see the rror too, Is there any workaroudn for this:

debug:

radius: radius_update_request_state_for_server(1490): Using IP 0.0.0.0 as NAS IP.
radius: radius_update_request_state_for_server(1502): Can not find the source IP for destination IP *SERVERIP* to populate the NAS IP.

The device has only 1 Ip address, on the mgmt0 interface in a VRF called "management"

config:

ip radius source-interface mgmt0
radius-server host xxx key 7 "xxx" auth-port 1645 acct-port 1646 authentication accounting
radius-server host xxx key 7 "xxx" auth-port 1645 acct-port 1646 authentication accounting

aaa group server radius RADIUSAUTH
server xxx

   server xxx
    use-vrf management
    source-interface mgmt0

aaa authentication login default group RADIUSAUTH local

aaa accounting default group RADIUSAUTH

I have also tried these commands:

radius-server directed-request

aaa authentication login ascii-authentication

But it has not helped. Without a NAS ID the auth server will not process the request.

Javier Henderson · ‎11-20-2015

Can you please detail what version of NX-OS you're using? I'd like to try to reproduce this in the lab.

ryancisco01 · ‎12-05-2015

sorry for the delayed reply i didnt see your repsonse. we are running 4.2

thanks!

Cisco 1000v RADIUS Issue