CISCO SG200 RADIUS Authentication not working

john · ‎07-25-2018

Hello All,

I have set up a RADIUS Server using Windows NPS is working fine for our Cisco 3750 and 2960 switches. But we add a Cisco SG 200 Switch, we cannot login to that switch via WEBui using a RADIUS account.

Please help. Below is the accounting log we got from the NPS

<Event><Timestamp data_type="4">07/23/2018 10:31:27.184</Timestamp><Computer-Name data_type="1">xxxxx-VM-HOST2</Computer-Name><Event-Source data_type="1">IAS</Event-Source><User-Name data_type="1">netadmin</User-Name><NAS-IP-Address data_type="3">192.168.1.82</NAS-IP-Address><Client-IP-Address data_type="3">192.168.1.82</Client-IP-Address><Client-Vendor data_type="0">0</Client-Vendor><Client-Friendly-Name data_type="1">SG200</Client-Friendly-Name><Cisco-AV-Pair data_type="1">shell:priv-lvl=15</Cisco-AV-Pair><Proxy-Policy-Name data_type="1">Use Windows authentication for all users</Proxy-Policy-Name><Provider-Type data_type="0">1</Provider-Type><SAM-Account-Name data_type="1">xxxxx\netadmin</SAM-Account-Name><Class data_type="1">311 1 192.168.1.16 07/20/2018 09:05:35 13</Class><Authentication-Type data_type="0">1</Authentication-Type><NP-Policy-Name data_type="1">Cisco-Admin</NP-Policy-Name><Fully-Qualifed-User-Name data_type="1">xxxxx.com.bn/Access Network Devices/Network Admin</Fully-Qualifed-User-Name><Quarantine-Update-Non-Compliant data_type="0">1</Quarantine-Update-Non-Compliant><Packet-Type data_type="0">1</Packet-Type><Reason-Code data_type="0">0</Reason-Code></Event>
<Event><Timestamp data_type="4">07/23/2018 10:31:27.184</Timestamp><Computer-Name data_type="1">xxxxx-VM-HOST2</Computer-Name><Event-Source data_type="1">IAS</Event-Source><Class data_type="1">311 1 192.168.1.16 07/20/2018 09:05:35 13</Class><Fully-Qualifed-User-Name data_type="1">xxxxx.com.bn/Access Network Devices/Network Admin</Fully-Qualifed-User-Name><Client-IP-Address data_type="3">192.168.1.82</Client-IP-Address><Client-Vendor data_type="0">0</Client-Vendor><Client-Friendly-Name data_type="1">SG200</Client-Friendly-Name><Quarantine-Update-Non-Compliant data_type="0">1</Quarantine-Update-Non-Compliant><Proxy-Policy-Name data_type="1">Use Windows authentication for all users</Proxy-Policy-Name><Provider-Type data_type="0">1</Provider-Type><SAM-Account-Name data_type="1">xxxxx\netadmin</SAM-Account-Name><Authentication-Type data_type="0">1</Authentication-Type><NP-Policy-Name data_type="1">Cisco-Admin</NP-Policy-Name><Packet-Type data_type="0">3</Packet-Type><Reason-Code data_type="0">66</Reason-Code></Event>

john · ‎08-19-2018

Hellow Guys,

Please help.

Regards,

John