cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2212
Views
5
Helpful
10
Replies

Need help with aaa configuration on cisco WS-C3548-XL using Radius authentication

SACHIN SHARMA
Level 1
Level 1

Hi All ,

we are configuring all our network switches with Radius authentication ,we are able to roll out on most of the switches successfully ,but the cisco WS-C3548-XL (C3500XL-C3H2S-M) switch with IOS Version 12.0(5)WC8, RELEASE SOFTWARE (fc1)  is not accepting our default configuration commands as below

aaa new-model

aaa authentication login default group radius local

ip radius source-interface VlanXX ( Specify Management Vlan)

radius-server host XX.XX.XX.XX auth-port 1645 acct-port 1646 key *******

radius-server source-ports 1645-1646 aaa new-model

Any help regarding this is appreciated.

1 Accepted Solution

Accepted Solutions

edwjames
Level 3
Level 3

Hi Kalyan,

What is the error message that you receive?

See if this helps:

https://supportforums.cisco.com/thread/218313

**Share your knowledge. It’s a way to achieve immortality.
--Dalai Lama**

Please Rate if helpful.
Regards
Ed

**Share your knowledge. It’s a way to achieve immortality. --Dalai Lama** Please Rate if helpful. Regards Ed

View solution in original post

10 Replies 10

edwjames
Level 3
Level 3

Hi Kalyan,

What is the error message that you receive?

See if this helps:

https://supportforums.cisco.com/thread/218313

**Share your knowledge. It’s a way to achieve immortality.
--Dalai Lama**

Please Rate if helpful.
Regards
Ed

**Share your knowledge. It’s a way to achieve immortality. --Dalai Lama** Please Rate if helpful. Regards Ed

I do not know if this is just an artifact of cut and paste for this message or whether it is really what you are using, but this line would certainly be rejected for invalid syntax if you did input it to a switch

radius-server source-ports 1645-1646 aaa new-model

If it is just a cut and paste issue then I agree with Ed that we need more information about what part is not accepted and any messages that are generated. I would also appreciate some clarification about whether you are experiencing this problem on a single particular switch or whether you are experiencing it on several switches all of which are WS-C3548-XL (C3500XL-C3H2S-M)

HTH

Rick

HTH

Rick

Hi Rick,

that was a typo and yes it is happening on all similar switch models.

Hi Ed ,

it wont give any error i see it does not recognize the command format

Switch(config)#aaa new-model
Switch(config)#aaa authentication login default group radius local
Switch(config)#$auth-port 1645 acct-port 1646 key ******
radius-server host XX.XX.XX.XX auth-port 1645 acct-port 1646 key *****
  ^
% Invalid input detected at '^' marker.

Switch(config)#

Kalyan,

What do you get for :

"radius?"

try to use "?" to fill the command.

the syntax might be different on this guy.

**Share your knowledge. It’s a way to achieve immortality.
--Dalai Lama**

Please Rate if helpful.
Regards
Ed

**Share your knowledge. It’s a way to achieve immortality. --Dalai Lama** Please Rate if helpful. Regards Ed

Ed,

Here you go

Switch(config)#aaa new-model
Switch(config)#radius ?
% Unrecognized command
Switch(config)#

i just want to know which is the syntax equivalent of the below

radius-server host 172.26.0.11 auth-port 1645 acct-port 1646 key *****

What do you get if you try this

Switch(config)#aaa new-model
Switch(config)# ?

HTH

Rick

HTH

Rick

please see below

Switch(config)#aaa new-model

Switch(config)#?

Configure commands:

  aaa                         Authentication, Authorization and Accounting.

  access-list                 Add an access list entry

  alias                       Create command alias

  arp                         Set a static ARP entry

  banner                      Define a login banner

  boot                        Boot Commands

  buffers                     Adjust system buffer pool parameters

  cdp                         Global CDP configuration subcommands

  cgmp                        Global CGMP configuration commands

  class-map                   Configure QoS Class Map

  clock                       Configure time-of-day clock

  cluster                     Cluster configuration commands

  default                     Set a command to its defaults

  default-value               Default character-bits values

  downward-compatible-config  Generate a configuration compatible with older

                              software

  enable                      Modify enable password parameters

  end                         Exit from configure mode

  exception                   Exception handling

  exit                        Exit from configure mode

  file                        Adjust file system parameters

  help                        Description of the interactive help system

  hostname                    Set system's network name

  interface                   Select an interface to configure

  ip                          Global IP configuration subcommands

  line                        Configure a terminal line

  logging                     Modify message logging facilities

  mac-address-table           Configure the MAC address table

  map-class                   Configure static map class

  map-list                    Configure static map list

  no                          Negate a command or set its defaults

  ntp                         Configure NTP

  policy-map                  Configure QoS Policy Map

  priority-list               Build a priority list

  privilege                   Command privilege parameters

  queue-list                  Build a custom queue list

  rmon                        Remote Monitoring

  scheduler                   Scheduler parameters

  service                     Modify use of network based services

  shutdown                    Shutdown system elements

  snmp-server                 Modify SNMP parameters

  spanning-tree               Spanning Tree Subsystem

  stackmaker                  Specify stack name and add its member

  tacacs-server               Modify TACACS query parameters

  tftp-server                 Provide TFTP service for netload requests

  time-range                  Define time range entries

  udld                        Configure global UDLD setting

  username                    Establish User Name Authentication

  vmps                        VMPS settings

  vtp                         Configure global VTP state

Ed ,

See if this helps:

https://supportforums.cisco.com/thread/218313

i tried this on one of the switch and it worked ,i am trying on the other switches.

Awesome, lemme know how it goes..

Good to know.

**Share your knowledge. It’s a way to achieve immortality.
--Dalai Lama**

Please Rate if helpful.
Regards
Ed

**Share your knowledge. It’s a way to achieve immortality. --Dalai Lama** Please Rate if helpful. Regards Ed