Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
397
Views
0
Helpful
1
Replies

Disabled fips on a Nexus C93180YC-EX, now Radius-Server key changes.

Mark Jesseph
Level 1
Level 1

‎05-09-2023 11:28 AM

After disabling fips on a Nexus C93180YC-EX, NX-OS 9.3(11) switch, I tried installing Radius and notice the Radius-server key keeps changing automatically.  When I display "show run | include radius-server" a new key appears. Radius server creates an error mismatch key log when I try authenticating with Radius.  Has anyone seen this type of error before?

 

Labels:
0 Helpful
1 Reply 1

marce1000
VIP
VIP

‎05-10-2023 12:05 AM

 

 - Might be related to the "RADIUS server key wrap" feature in NX-OS. When this feature is enabled, the RADIUS key is automatically wrapped to provide additional security. To disable the RADIUS server key wrap feature, you can use the following command:
                                                                             no radius-server key wrap

  Configure  a radius key again , also verify it with : show radius-server key , (if needed repeat the command at intervals)
  If all of that does not help , disable AES encryption for the nx-os running-config  (if it is  being used) , 

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful
Customers Also Viewed These Support Documents