Buy or Renew
Buy or Renew
Cisco Community present at Cisco Live EMEA 2023. See you in Amsterdam! Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
404
Views
5
Helpful
1
Replies

AAA Authentication methods

Go to solution
murray.bown
Beginner
Beginner

‎11-17-2022 01:41 AM

Hello Guys,

I looking for some clarity on AAA Authentication configuration.

Problem Statement

Using the configuration below, when i logon with a user account that is valid in the RADIUS server i am able to successfully SSH to the switch, if however i try to use a local account i am unable to authenticate, i can see the failed authentications in the RADIUS server logs.

My understanding is that the AAA configuration should try its first method and then if unsuccessful failover to local authentication. 

Here is my config.

aaa group server radius RADIUS_GROUP
server name TEEIS0001
server name TEEIS0002
ip radius source-interface Vlan1
deadtime 5

aaa authentication login default group RADIUS_GROUP local
aaa authentication enable default enable

line vty 0 4
exec-timeout 30 0
privilege level 15
logging synchronous
transport input ssh
transport output ssh

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions
1 Reply 1

Go to solution
marce1000
VIP Mentor VIP Mentor
VIP Mentor

‎11-17-2022 05:15 AM

 

 - Check the reply from Kasrsten Iwen in this thread : https://community.cisco.com/t5/network-access-control/cisco-login-radius-and-local/td-p/2989344

 M.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers
Spotlight Award Nomination
Customers Also Viewed These Support Documents