Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
563
Views
2
Helpful
3
Replies

Radius server on Nexus switches issue

Go to solution
timothy_MTS
Level 1
Level 1

‎10-28-2024 09:05 PM

Hello all,

Recently I am going to update our Microsoft infrastructure. It includes relocate the NPS RADIUS servers. 

My two Nexus 9000 switches configured with the RADIUS servers. Then I found a problem that I couldn't remove the old RADIUS servers from the switch configuration.

radius-server host 10.0.0.2 key MYKEY authentication timeout 1
radius-server host 10.0.0.1 key MYKEY authentication timeout 1
radius-server host 10.0.0.100 key MYKEY authentication
aaa group server radius RADSRVS
   server 10.0.0.2
   server 10.0.0.1
   server 10.0.0.100
   deadtime 2
   use-vrf management
   source-interface mgmt0

I tried to remove the server under

aaa group server radius RADSRVS

   no server 10.0.0.2

It prompts the error "specified RADIUS server not found, please configure it using radius-server host ... and then retry"

However, I can add the radius-server host 10.0.0.100 into it. I can also remove 10.0.0.100 too. Just the two servers 10.0.0.2 and 10.0.0.1 cannot be removed.

-------

I have removed the two servers 10.0.0.2 and 10.0.0.1 from my other Nexus 9000 switch successfully. So I don't think this is the configuration or command errors. Just not sure what's holding at the back.

Any idea?

Regards,

Timothy

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
M02@rt37
VIP
VIP

‎10-29-2024 12:06 AM

Hello @timothy_MTS 

Remove "aaa authentication login default group radius local" if configured then you will be able to remove the host...

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

View solution in original post

3 Replies 3

Go to solution
M02@rt37
VIP
VIP

‎10-29-2024 12:06 AM

Hello @timothy_MTS 

Remove "aaa authentication login default group radius local" if configured then you will be able to remove the host...

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Go to solution
timothy_MTS
Level 1
Level 1
In response to M02@rt37

‎10-29-2024 04:26 AM

Hello M02@rt37 

I checked there is a similar entry below. 

aaa authentication login default group RADSRVS local 
aaa authentication login mschap enable

in this case, I should remove the first line, then I can remove the host?

If after removing the host, do I need to add this aaa authentication login back?

Thanks

Timothy

0 Helpful

Go to solution
M02@rt37
VIP
VIP
In response to timothy_MTS

‎10-29-2024 05:19 AM

@timothy_MTS 

in this case, I should remove the first line, then I can remove the host? YES

If after removing the host, do I need to add this aaa authentication login back? YES

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.
Top