12-17-2004 09:02 AM - edited 02-20-2020 11:48 PM
I have configured my PIX to use our radius server for authentication, but it still only uses the local access for authentication. Can someone have a look at my config?
pdm location 10.254.254.5 255.255.255.255 inside
route inside 10.254.254.5 255.255.255.0 10.1.1.102 1
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server RADIUS (inside) host 10.254.254.5 7140 timeout 10
aaa-server LOCAL protocol local
aaa authentication http console RADIUS
aaa authentication ssh console LOCAL
Dave
12-17-2004 12:11 PM
Dave,
Are you trying to authenticate PDM access and/or SSH access via RADIUS?
Your PDM config looks fine to me. What ports does your RADIUS server listen on? If it's not 1645 and 1646, then you need to tell the PIX to use different ports,
e.g. "aaa-server radius-authport 1812" and "aaa-server radius-acctport 1813".
Also, I would check that you are using the correct key (7140) on both your PIX and RADIUS server.
If you are trying to authenticate SSH via RADIUS then your configuration is set to authenticate SSH locally.
You need to change this to
aaa authentication ssh console RADIUS
Thanks
PD
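Added example, not part of the original posts: a small Python check that reads the aaa lines of a PIX configuration and reports which server group each "aaa authentication ... console" service actually uses, which makes the SSH-to-LOCAL mapping pointed out above easy to spot. The function name and finding strings are hypothetical; the sample lines are the ones posted in this thread.

```python
import re

# Constructed sample: the aaa lines from the configuration posted in this thread.
SAMPLE_CONFIG = """\
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server RADIUS (inside) host 10.254.254.5 7140 timeout 10
aaa-server LOCAL protocol local
aaa authentication http console RADIUS
aaa authentication ssh console LOCAL
"""

GROUP_RE = re.compile(r"^aaa-server\s+(\S+)\s+protocol\s+(\S+)", re.I)
# Captures group, interface and host only; the shared key is deliberately not kept.
HOST_RE = re.compile(r"^aaa-server\s+(\S+)\s+\((\S+)\)\s+host\s+(\S+)", re.I)
CONSOLE_RE = re.compile(r"^aaa authentication\s+(\S+)\s+console\s+(\S+)", re.I)

def audit_console_auth(config_text):
    """Return {service: (group, protocol, [hosts], finding)} for console logins."""
    protocols, hosts, services = {}, {}, {}
    for line in (l.strip() for l in config_text.splitlines()):
        if m := GROUP_RE.match(line):
            protocols[m.group(1)] = m.group(2).lower()
        elif m := HOST_RE.match(line):
            hosts.setdefault(m.group(1), []).append(m.group(3))
        elif m := CONSOLE_RE.match(line):
            services[m.group(1).lower()] = m.group(2)
    report = {}
    for service, group in services.items():
        proto = protocols.get(group)
        servers = hosts.get(group, [])
        if proto is None:
            finding = "group not defined"
        elif proto == "local":
            finding = "local user database only"
        elif not servers:
            finding = "no server host in group"
        else:
            finding = "ok"
        report[service] = (group, proto, servers, finding)
    return report

if __name__ == "__main__":
    for svc, (group, proto, servers, finding) in audit_console_auth(SAMPLE_CONFIG).items():
        print(f"{svc:8} -> {group} ({proto}) {servers} : {finding}")
```

The check only shows how the services are mapped; it cannot confirm that the RADIUS ports or the shared key match the server.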
12-17-2004 08:13 PM
I believe you also need an "aaa new-server" command at the top.
Good Luck
Scott