06-04-2024 01:35 AM
Hello all, I receive the below error in ISE when trying to test aaa radius authentication on Cisco switch acting as authenticator. below is the test and error snapshots
06-04-2024 02:28 AM
- Initially from the first screen it seems that there are not any radius server's defined in the group 'radius' ; that being said and to make things clear and or avoid possible confusing on the switch I would advise to give the group another name then just 'radius' ; such as for instance authserversgroup , then change the running config accordingly.
M.
06-04-2024 03:13 AM
Thanks for your reply.
actually, the aaa config is being pushed by Cisco DNA center to the switch, so I assume config should be fine.
I did another test and intentionally typed wrong password. I got a rejection from the ISE server:
The error message appears when trying to authenticate with correct credentials. switch loses response with the ISE server for a period of time then everything restored again!
06-04-2024 03:57 AM
- Returning to the your initial screenshot I see :
%RADIUS-3-NOSERVERS: No radius hosts configured....
I still find this strange ; verify with show run | inc radius
M.
06-04-2024 09:21 AM
Hi,
This is the radius configuration:
06-04-2024 10:02 AM
- I can't see any real and or effective definitions of radius servers in there ; check for instance ,
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_rad/configuration/15-mt/sec-usr-rad-15-mt-book/sec-cfg-radius.html#GUID-30DFE6E1-876D-4C3D-AB45-0647D89A6AEA
M.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide