cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4848
Views
15
Helpful
12
Replies

aaa server is not reachable

XXXX61371
Level 1
Level 1

I'm trying to use the switch as an 802.1x authenticator ,i'm using a switch connected to ise and a windows virtual machine 

i have a set of commands to use  ( see q3.png) , but while going through the commands , i found a portion of a code that i cannot use on my switch, can someone please let me know of the commands to use , also what ip address is 10.10.2.20 , is it my ise's ip address ,

when i get to the last part where  aaa group ISE-RADIUS username password new-code, i get the message : 

Trying to authenticate with Servergroup ISE-RADIUS

ESW1#fAAA server is not reachable

what can i do to make this successfull 

thanks 

 
 

 

12 Replies 12

balaji.bandi
Hall of Fame
Hall of Fame

May be the attachment missing here, what is the device here, what version IOS it running? can you post AAA portion of the config

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

okay ,sorry, i attached the file ,i'm trying to configure radius settings on a switch . how can i get the aaa config ? 

if you do not know how to get AAA config - issue the below command on the device and attach the output to this thread.

 

#show run

#show ver

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

show run : q4 and q5 

show ver : q6

Cisco 3640 is Multi-Service router -  for us to easily modify the config attach the config in a text file rather than image.

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

I'm using an L3 switch 

before we fix other things, First, I do not see any Default route in the device - from this device are you able to ping 192.168.233.147?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

yes i am able to ping it , it's my virtual machine thaht contains ISE , and i'm pinging from an l3 switch on gns3 but sometimes i get in a situation where i can't ping it ( when i put my computer in sleep mode or turn off gns3 ) i have to reinstall gns3 from scratch for it to be able to ping 

If this is Lab and running on GNS3, the question go to GNS3 forum - not here. (i guess)

 

maybe bug ( its been long i used GNS3 - after i discover PNETLab)

 

https://github.com/GNS3/gns3-gui/issues/2826

 

or you can ask question :

 

https://www.gns3.com/community/featured

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

i don't have a problem with gns3 , i have a problem with commands that i use on the switch to connect to the ise, when i use the test aaa command , please check the picture attached , the message changed on its own 

Thank you for the clarification - in relation to the Cisco device config - Make sure you set up NTP correctly basic setup.

 

Follow the below guide since you running old IOS code 12.X, Also check device logs and  ISE event Logs also for reference.

 

https://networkjutsu.com/implementing-wired-8021x/

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

thank you for your responses , i guess the commands don't work because i'm using an old format , can you tell me what commands i should use to do the commands on q3.png , thank you