Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
2107
Views
0
Helpful
3
Replies

setting a switch under radius control

baselzind
Level 6
Level 6

‎09-15-2019 04:20 AM - edited ‎02-20-2020 09:46 PM

i have been asked to list a switch under radius control , some switches are already added under it but im supposed to add any switches that arent , can i simply add the same command to other switches? also the key is made of numbers do i just paste the key in its number form

 

radius server radius
address ipv4 X.X.X.X auth-port 1812 acct-port 1813
key 7 999999999999999tttttt

Labels:
0 Helpful
3 Replies 3

balaji.bandi
Hall of Fame
Hall of Fame

‎09-15-2019 05:19 AM

Yes you can copy the exiting working Switch config and paste to new switch required radius control.

 

Couple steps required to be cautious while implementing.

 

1. Make sure you have a local username in case if the radius not working.

2. add the device into Radius device list.

3. apply the relevance AAA config to work as expected.

 

in case you see any issue logging using radius server, radius server will have logs why the user failing to log in for further diagnosis purpose. (sometimes you have extra space or copy-paste introduced new hidden character)

 

 

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

baselzind
Level 6
Level 6
In response to balaji.bandi

‎09-15-2019 12:47 PM

i was checking further and i found mostly i need the below config , but i was wondering do i need to configure somethin under vty line 0 15 to enable radius authentication?
also i found another command "aaa authentication login local_nm local" not sure how it differs from "aaa authentication login default group radius local"?

aaa authentication login default group radius local
radius server radius
address ipv4 X.X.X.X auth-port 1812 acct-port 1813
key 7 999999999999999tttttt
0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to baselzind

‎09-15-2019 02:58 PM

aaa authentication login default group radius local  <<- this is the correct syntax  (if you have radius group)

 

Another example if you using Group Servers :

 

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_rad/configuration/15-mt/sec-usr-rad-15-mt-book/sec-rad-aaa-server-groups.html

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Top