cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
404
Views
5
Helpful
1
Replies

AAA Authentication methods

murray.bown
Beginner
Beginner

Hello Guys,

I looking for some clarity on AAA Authentication configuration.

Problem Statement

Using the configuration below, when i logon with a user account that is valid in the RADIUS server i am able to successfully SSH to the switch, if however i try to use a local account i am unable to authenticate, i can see the failed authentications in the RADIUS server logs.

My understanding is that the AAA configuration should try its first method and then if unsuccessful failover to local authentication. 

Here is my config.

aaa group server radius RADIUS_GROUP
server name TEEIS0001
server name TEEIS0002
ip radius source-interface Vlan1
deadtime 5

aaa authentication login default group RADIUS_GROUP local
aaa authentication enable default enable

line vty 0 4
exec-timeout 30 0
privilege level 15
logging synchronous
transport input ssh
transport output ssh

1 Accepted Solution

Accepted Solutions
1 Reply 1

marce1000
VIP Mentor VIP Mentor
VIP Mentor

 

 - Check the reply from Kasrsten Iwen in this thread : https://community.cisco.com/t5/network-access-control/cisco-login-radius-and-local/td-p/2989344

 M.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers