Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1070
Views
2
Helpful
15
Replies

WEBconsole Radius Authentication

kristiqirjako99
Level 1
Level 1

‎02-12-2024 06:48 AM

Hello,

I am having a problem with radius authentication on the web console. The connect with radius is OK, i can see the request which is accepted from the radius side, where i do prv-lvl=15, but at the webpage it just reloads and rerequires again the authentication, so I am not able to login. 

It looks like something is missing in the reply from RADIUS.Screenshot 2024-02-12 154255.pngScreenshot 2024-02-12 154358.png

15 Replies 15

balaji.bandi
Hall of Fame
Hall of Fame

‎02-12-2024 07:04 AM

Try different browser.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

kristiqirjako99
Level 1
Level 1
In response to balaji.bandi

‎02-12-2024 07:06 AM

The problem persists. If I turn off the radius authentification, and I keep it locally authenticated, all works fine

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to kristiqirjako99

‎02-12-2024 07:08 AM

Cheers  that browser is ok, what Radius ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

kristiqirjako99
Level 1
Level 1
In response to balaji.bandi

‎02-12-2024 07:10 AM

ClearPassScreenshot 2024-02-12 160952.png

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to kristiqirjako99

‎02-12-2024 07:55 AM

apoliogies, i would have asked this in the first instance, what Device mode and IOS code running on the device.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

MHM Cisco World
VIP
VIP

‎02-12-2024 07:06 AM

It is GUI of WLC wat you want to auth via radius?

MHM

0 Helpful

kristiqirjako99
Level 1
Level 1
In response to MHM Cisco World

‎02-12-2024 07:07 AM

GUI

0 Helpful

MHM Cisco World
VIP
VIP
In response to kristiqirjako99

‎02-12-2024 07:10 AM

Sorry dont get your answer' it GUI of WLC ?

MHM

0 Helpful

kristiqirjako99
Level 1
Level 1
In response to MHM Cisco World

‎02-12-2024 07:12 AM

Sorry, it is the GUI of a cisco switch 

MHM Cisco World
VIP
VIP
In response to kristiqirjako99

‎02-12-2024 07:14 AM

Ok' can I see how you config the SW.

MHM

0 Helpful

kristiqirjako99
Level 1
Level 1
In response to MHM Cisco World

‎02-12-2024 07:17 AM

These are the configurations regarding the HTTP Radius

aaa group server radius ADMIN-RAD-SERVERS
server name cppma
server name cppmb
deadtime 15
!
!/ Authorization list Radius local /!
aaa authentication login default group ADMIN-RAD-SERVERS local
aaa authorization console
aaa authorization config-commands
aaa authorization exec default group ADMIN-RAD-SERVERS local

ip http authentication aaa login-authentication default
ip http authentication aaa exec-authorization default
!/ Enable https server /!
ip http secure-server
ip ssh time-out 60
ip ssh authentication-retries 2
ip ssh version 2
ip scp server enable
!

0 Helpful

MHM Cisco World
VIP
VIP
In response to kristiqirjako99

‎02-12-2024 07:28 AM 

ip http authentication aaa

Then re add

ip http authentication aaa login-authentication default
ip http authentication aaa exec-authorization default

MHM

0 Helpful

kristiqirjako99
Level 1
Level 1
In response to MHM Cisco World

‎02-12-2024 07:35 AM

Nope, the problem persists. I can see the request in RADIUS, and also the privilege level is given, but there may be something missing from the Radius reply i think.

0 Helpful

MHM Cisco World
VIP
VIP
In response to kristiqirjako99

‎02-13-2024 10:45 AM

Debug aaa authorization <- share this if @Aref Alsouqi suggested not work for you.

MHM

0 Helpful
Customers Also Viewed These Support Documents