cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

335
Views
0
Helpful
4
Replies
Beginner

Unable to log on after radius authentication

hello,

 

i m using cisco switch 3650 denali 16.3.x

i would like to use aaa authentication login radius + local

when i use radius acoount it works

when i use local user it s impossible to log on switch 

how does  failback work ?

i ve tried differents configuration nothing has changed

how you got any idea ?

 

Best regards 

4 REPLIES 4
Frequent Contributor

Re: Unable to log on after radius authentication

The Radius server would need to be down, e.g unreachable from the switch.
Frequent Contributor

Re: Unable to log on after radius authentication

Is there any reason you are using radius rather than tacacs?
Regardless, for what you are asking, the config you have currently provided - the radius server will need to be down from perspective of the switch.
Highlighted
VIP Advisor

Re: Unable to log on after radius authentication

If you have configured as fall back as local user, to test this,

Go to radius, for this device disable radius, so this device no longer participate with radius, so local user works. 

 

once all test done, put back radius enable,

 

BB
*** Rate All Helpful Responses ***
Beginner

Re: Unable to log on after radius authentication

Hello,

Normally this depends on the order of your AAA configuration , whilst the default way and recommended is either using tacacs / radius to administer device and to fall back to local login when AAA server is unreachable.

 

Also you can still use the same local user to log on to the switch if only you are using a sort of ACS / ISE as Radius /AAA Server . All you need to do is have the same local user and password configure on the mentioned radius server ( make sure is the same credential as on the switch). Aside all this , you will only be able to use ocal user when Radius Server is unavailable.

 

Let me know if this help you.