Solved: Remove aaa-server configuration in pix

kjanakiraman · ‎11-30-2004

I have cisco pix 515 with version 6.x and i have configured radius authenitcation for client vpn connection. The radius server is windows 2003, and i have the following commands

aaa-server test protocol radius

aaa-server test (inside) host x.x.x.x1 password timeout 10.

The vpn is working fine, Now i want to change the radius server and i want to remove the command and add new one, but i am getting errors like

when i give

clear aaa-server test, Iget an error message

you must remove all AAA corresponding entries prior to

remove the last server in group test

When i give

no aaa-server test (inside) host x.x.x.x1 password timeout 10. I get

you must remove all AAA corresponding entries prior to

removing the last server in group test

When i give

no aaa-server test protocol radius i get

AAA servers configured! cannot remove server_tag.

I am in a loop. Can some one adivce me how to remove the aaa-server tag test from the firewall

Thanks in advance

matthew.long · ‎12-01-2004

you are probably still referencing it in the vpn setting somewhere.

e.g.

crypto map mymap client authentication TEST

You need to remove this first

View solution in original post

matthew.long · ‎12-01-2004

Can't you add the new server entry and then remove the old, this will avoid removing the last server in the list?

kjanakiraman · ‎12-01-2004

I can try that, but if i want to compeltely remove the radius from the network then i need to remove the aaa configuration from my firewall.

matthew.long · ‎12-01-2004

you are probably still referencing it in the vpn setting somewhere.

e.g.

crypto map mymap client authentication TEST

You need to remove this first

kjanakiraman · ‎12-01-2004

Thanks a lot