RADIUS + Local authentication

scolombo
Cisco Employee

I've the following problem.

I'm trying to configure a RADIUS + local authentication for both telnet and dial-in access.

So I've configured the router with the following lines:

aaa new-model
aaa authentication login default radius local
aaa authentication ppp default radius local

When I try to telnet to the router I'm asked for a user and password.

I provide a local username and password, but the router checks only against the RADIUS server and fails to authenticate the local user.

What am I missing?

Thanks

Stefano Colombo

2 Replies

Richard Burts
Hall of Fame

The local authentication will only be done if the router is not able to communicate with the radius server. If the router sends an authentication request to radius and gets back a pass or a fail then it will not try any more. Only if it tries to send an authentication request and gets no response or a response of unable to process will it try the local authentication.

HTH

Rick
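
A small Python model of the method-list behaviour described in the reply above, added here as an illustration (it is not code from the thread or from Cisco). The user names, passwords and function names are constructed, and the local method is simplified so that it always answers pass or fail.

```python
from enum import Enum

class Result(Enum):
    PASS = "pass"    # method answered: credentials accepted
    FAIL = "fail"    # method answered: credentials rejected
    ERROR = "error"  # no response, or "unable to process"

def _check(db, user, password):
    """Compare against a constructed {user: password} table."""
    return Result.PASS if user in db and db[user] == password else Result.FAIL

def radius_method(server_db, reachable):
    """Model a RADIUS server; an unreachable server yields ERROR (timeout)."""
    def check(user, password):
        if not reachable:
            return Result.ERROR
        return _check(server_db, user, password)
    return check

def local_method(local_db):
    """Model the router's local username database (assumed to always answer)."""
    return lambda user, password: _check(local_db, user, password)

def authenticate(method_list, user, password):
    """Walk the list in order; only ERROR moves on to the next method."""
    tried = []
    for name, method in method_list:
        tried.append(name)
        result = method(user, password)
        if result is not Result.ERROR:
            return result is Result.PASS, tried  # PASS or FAIL is final
    return False, tried                          # every method errored

# Constructed sample data for the "radius local" ordering in the question.
RADIUS_USERS = {"alice": "radius-pw"}
LOCAL_USERS = {"admin": "local-pw"}

def login(user, password, radius_up):
    methods = [("radius", radius_method(RADIUS_USERS, radius_up)),
               ("local", local_method(LOCAL_USERS))]
    return authenticate(methods, user, password)

if __name__ == "__main__":
    for up in (True, False):
        ok, tried = login("admin", "local-pw", radius_up=up)
        print(f"radius_up={up}: allowed={ok}, methods tried={tried}")
```

With the server reachable, the local-only user is rejected by RADIUS and the local database is never consulted; with the server unreachable, the same credentials succeed through the local method.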

djoconnor
Level 1

Try it the other way around, i.e. I have:

aaa group server radius rad_vty
 server n.n.n.n auth-port 1645 acct-port 1646
aaa authentication login default local group rad_vty

(You might also need an aaa authorization exec default local group rad_vty)