Hello,
I am trying to configure RADIUS authentication on L3 switches in my production environment using the config below:
(config)#aaa new-model
(config)#radius-server host RADIUS_IP key RADIUS_KEY
(config)#aaa authentication login default group radius local
(config)#line vty 0 4
(config-line)#login authentication default
(config-line)#end
When I configure it as above, I can connect with my Windows credentials, but I cannot execute conf t.
I suppose this is happening because the privilege under vty 0 4 is 10:
#sh run | sec line vty
line vty 0 4
 privilege level 10
 login local
 transport input ssh
line vty 5 15
 password 7 XXXXXXXXX
 login
 transport input telnet
Also, I have a generic admin user configured as below:
username admin privilege 15 password 7 XXXXXXXXX
When I try to log in with the admin user, I also cannot execute conf t.
Can you please tell me if this is normal?
Also, my goal is for everyone here to log in with a personal account and privilege 15, but in case RADIUS is down or there is no connectivity, to be able to log in with the generic admin account.
Is there any standard configuration for my case? I have searched a lot and I have not found anything standard.
Finally, can you please tell me if the RADIUS key password and the actual data are being encrypted?
Thank you
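
Added example, not part of the original post: a small Python audit that checks an IOS-style configuration for the conditions this question turns on (login authentication without `aaa authorization exec`, a vty privilege level below 15, type 7 passwords, telnet on a vty line). The sample configuration is constructed by merging the commands and `sh run` output quoted above, with running-config indentation assumed; the function name and finding codes are hypothetical.

```python
import re

# Constructed sample: the post's AAA commands merged with its "sh run" output.
SAMPLE_CONFIG = """\
aaa new-model
radius-server host RADIUS_IP key RADIUS_KEY
aaa authentication login default group radius local
username admin privilege 15 password 7 XXXXXXXXX
line vty 0 4
 privilege level 10
 login authentication default
 transport input ssh
line vty 5 15
 password 7 XXXXXXXXX
 login
 transport input telnet
"""

def audit(config):
    """Return a sorted list of (code, detail) findings for an IOS-style config."""
    findings = set()
    lines = [l.rstrip() for l in config.splitlines() if l.strip()]
    has_authn = any(l.startswith("aaa authentication login") for l in lines)
    has_exec_authz = any(l.startswith("aaa authorization exec") for l in lines)
    # Without exec authorization, the privilege level sent by RADIUS or set on a
    # local username is not applied; the session starts at the line's level.
    if has_authn and not has_exec_authz:
        findings.add(("NO_EXEC_AUTHZ", "global"))
    section = "global"
    for l in lines:
        if not l.startswith(" "):  # top-level command: may open a line section
            section = l if l.startswith("line ") else "global"
        s = l.strip()
        # Type 7 is a reversible encoding, not a hash.
        if re.search(r"\bpassword 7 ", s):
            owner = section if section != "global" else " ".join(s.split()[:2])
            findings.add(("TYPE7_PASSWORD", owner))
        if section != "global":
            m = re.fullmatch(r"privilege level (\d+)", s)
            if m and int(m.group(1)) < 15 and not has_exec_authz:
                findings.add(("LINE_PRIV_APPLIES", f"{section}: level {m.group(1)}"))
            if re.fullmatch(r"transport input .*\btelnet\b.*", s):
                findings.add(("TELNET_ENABLED", section))
    return sorted(findings)

if __name__ == "__main__":
    for code, detail in audit(SAMPLE_CONFIG):
        print(code, detail)
```
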