Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2178
Views
0
Helpful
1
Replies

radius authentication

paul.clifford
Level 1
Level 1

‎01-28-2002 06:51 PM - edited ‎02-21-2020 09:58 AM

I am trying to configure radius authentication on 'telnet' and 'enable sec' to a router connected on the same lan, (172.16.99.10 -pc / 172.16.99.20 - Router). I am using a stellbelt radius server on the same pc i telnet from and when i debug the router i receive the following:

Router#deb radius authentication

Radius protocol debugging is on

Radius packet hex dump debugging is off

Radius packet protocol debugging is on

Router#

04:12:40: RADIUS/ENCODE(00000008): ask "Username: "

04:12:40: RADIUS/ENCODE(00000008): send packet; GET_USER

04:12:44: RADIUS/ENCODE(00000008): ask "Password: "

04:12:44: RADIUS/ENCODE(00000008): send packet; GET_PASSWORD

04:12:46: RADIUS/ENCODE(00000008): acct_session_id: 5

04:12:46: RADIUS(00000008): sending

04:12:46: RADIUS: Send to unknown id 5 172.16.99.20:1645, Access-Request, len 83

04:12:46: RADIUS: authenticator E4 49 3C 9B 64 02 6A E6 - 75 74 54 5C F2 8D 93

C3

04:12:46: RADIUS: User-Name [1] 7 "cisco"

04:12:46: RADIUS: User-Password [2] 18 *

04:12:46: RADIUS: NAS-Port [5] 6 6

04:12:46: RADIUS: NAS-Port-Type [61] 6 Virtual [5]

04:12:46: RADIUS: Calling-Station-Id [31] 14 "172.16.99.10"

04:12:46: RADIUS: Service-Type [6] 6 Login [1]

04:12:46: RADIUS: NAS-IP-Address [4] 6 0.0.0.0

04:12:46: RADIUS: Unsupported packet type

04:12:51: RADIUS: Retransmit id 5

04:12:51: RADIUS: Unsupported packet type

04:12:56: RADIUS: Retransmit id 5

04:12:56: RADIUS: Unsupported packet type

04:13:01: RADIUS: Retransmit id 5

04:13:01: RADIUS: Unsupported packet type

04:13:06: RADIUS: Tried all servers.

04:13:06: RADIUS: No valid server found. Trying any viable server

04:13:06: RADIUS: Tried all servers.

04:13:06: RADIUS: No response for id 5

04:13:06: RADIUS/DECODE: parse response no app start; FAIL

04:13:06: RADIUS/DECODE: parse response; FAIL

04:13:08: RADIUS/ENCODE(00000008): ask "Username: "

04:13:08: RADIUS/ENCODE(00000008): send packet; GET_USER

The config oin the router is as follows:

hostname Router

!

aaa new-model

!

aaa authentication login use-radius group radius

aaa authorization exec default group radius if-authenticated

aaa session-id common

enable secret 5 $1$h0.6$iS0Z6sa3EN8mVBmgXfTP70

!

radius-server host 172.16.99.20 auth-port 1645 acct-port 1646

radius-server retransmit 3

radius-server key cisco

!

line con 0

login authentication use-radius

line aux 0

line vty 0 4

login authentication use-radius

The radius server is setup with the following:

RAS Clients

Client name: Router

IP address: 172.16.99.20

Make/Model: Cisco IOS 11.1 or later

Users

User name: CISCO

User type: Native user

Pass: cisco

Labels:
0 Helpful
1 Reply 1

ciscomoderator
Community Manager
Community Manager

‎02-01-2002 09:04 PM

Often times complex troubleshooting issues are best addressed in an interactive session with one of our trained technical assistance engineers. While other forum users may be able to help, it’s often difficult to do so for this type of issue.

To utilize the resources at our Technical Assistance Center, please visit http://www.cisco.com/tac and to open a case with one of our TAC engineers, visit http://www.cisco.com/tac/caseopen

If anyone else in the forum has some advice, please reply to this thread.

Thank you for posting.

0 Helpful
Customers Also Viewed These Support Documents