cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1088
Views
0
Helpful
0
Replies
Ha Dao
Beginner

Cisco 4500 debug radius but empty output

Hi expert guys

I am trying to configure authentication login with radius server. This configuration is working fine with 2960, 3860, but something wrong with my 4507

- I am using Windows server radius services (following this guide line https://www.youtube.com/watch?v=KfJPqXfaKSE )

- From 2960, 3860: user privilege 15 and privilege 1 are authenticated right, i can see everything by "debug radius; terminal monitor"

- From 4507: user privilege 15 is authenticated fine, but user privilege 1 is not authenticated, and the crazy thing is that i can not see log with these commands "debug radius; terminal monitor" even user is authenticated or not.

 

4507 version and configurations:

sh version
Cisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSALK9-M), Version 03.06.06.E RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2016 by Cisco Systems, Inc.
Compiled Fri 16-Dec-16 21:17 by prod_rel_team

 

Cisco IOS-XE software, Copyright (c) 2005-2015 by cisco Systems, Inc.
All rights reserved. Certain components of Cisco IOS-XE software are
licensed under the GNU General Public License ("GPL") Version 2.0. The
software code licensed under GPL Version 2.0 is free software that comes
with ABSOLUTELY NO WARRANTY. You can redistribute and/or modify such
GPL code under the terms of GPL Version 2.0.
(http://www.gnu.org/licenses/gpl-2.0.html) For more details, see the
documentation or "License Notice" file accompanying the IOS-XE software,
or the applicable URL provided on the flyer accompanying the IOS-XE
software.

 

ROM: 15.0(1r)SG14
XXXX uptime is 44 weeks, 4 days, 21 hours, 37 minutes
Uptime for this control processor is 44 weeks, 4 days, 21 hours, 39 minutes
System returned to ROM by power-on
System restarted at 13:44:56 HaNoi Mon Jul 8 2019
System image file is "bootflash:/cat4500e-universalk9.SPA.03.06.06.E.152-2.E6.bin"
Jawa Revision 7, Snowtrooper Revision 0x0.0x1C

 

 

 

Radius configuration (same configuration with 2960 and 3860)

 

username xxx privilege 15 password a

aaa new-model

aaa group server radius RADIUS-SERVER

 server name RADIUS-68

 server name RADIUS-86

 

 

 

aaa authentication login default local group RADIUS-SERVER

aaa authorization exec default local group RADIUS-SERVER

 

radius server RADIUS-68

 address ipv4 x.x.x.x auth-port 1812 acct-port 1646

 key xxxxxx

radius server RADIUS-86

 address ipv4 x.x.x.x auth-port 1812 acct-port 1646

 key xxxxxx

 

privilege configure all level 1 interface

privilege exec level 1 show running-config

privilege exec level 1 show configuration

privilege exec level 1 show

 

ip radius source-interface Vlan1

 

===========

Tks so much

 

 

 

 

 

This video will demonstrate how to configure ssh authentication via active directory using radius on a cisco device.In our example, we used a catalyst 2960 s...
0 REPLIES 0
Content for Community-Ad