Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
14782
Views
5
Helpful
1
Replies

WARNING: Command has been added to the configuration using a type 0 password

Go to solution
Anthony O'Reilly
Level 3
Level 3

‎06-21-2021 09:12 AM - edited ‎06-21-2021 09:19 AM

Hi,

I am configuring NAC on a customers site. We are now rolling NAC out to all branches.

I am configuring the radius servers on the switch

aaa group server radius ISE
server name ise01
server name ise02
ip radius source-interface vlan 2
!
exit
aaa authentication dot1x default group ISE
aaa authorization network default group ISE
aaa accounting update newinfo periodic 5
aaa accounting identity default start-stop group ISE
aaa accounting system default start-stop group ISE
aaa authorization console
aaa authorization config-commands
!
radius server ise01
address ipv4 1.1.1.1 auth-port 1812 acct-port 1813
key cisco123
!
radius server ise02
address ipv4 2.2.2.2 auth-port 1812 acct-port 1813
key cisco123
!
radius-server dead-criteria time 10 tries 5
radius-server attribute 6 on-for-login-auth
radius-server attribute 6 support-multiple
radius-server attribute 8 include-in-access-req
radius-server attribute 25 access-request include
radius-server attribute 31 mac format ietf upper-case
radius-server vsa send authentication
radius-server vsa send accounting
radius-server deadtime 5
!
aaa server radius dynamic-author
client 1.1.1.1 server-key cisco123
client 2.2.2.2 server-key cisco123
!

When I am configuring the key for the radius server, I get the following.

WARNING: Command has been added to the configuration using a type 0 password. However, type 0 passwords will soon be deprecated. Migrate to a supported password type

How should I configure the radius server on the switch so an IOS upgrade will not cause this to fail.

 

Switch Ports Model SW Version SW Image ------ ----- ----- ---------- ---------- * 1 54 WS-C2960X-48FPS-L 15.2(7)E3 C2960X-UNIVERSALK9-M

2 people had this problem
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marcelo Morais
VIP
VIP

‎06-21-2021 10:10 AM

Hi @Anthony O'Reilly ,

 please check the following post: 3850 FUJI 16.9 code TACACS+ configuration, search for: key config-key password-encrypt.

 

Hope this helps !!!

View solution in original post

1 Reply 1

Go to solution
Marcelo Morais
VIP
VIP

‎06-21-2021 10:10 AM

Hi @Anthony O'Reilly ,

 please check the following post: 3850 FUJI 16.9 code TACACS+ configuration, search for: key config-key password-encrypt.

 

Hope this helps !!!

Customers Also Viewed These Support Documents