Showing results for 
Search instead for 
Did you mean: 
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.


Can't login to Cisco 3750 Switch

Hi all.


I know this has been discussed a million times and I've racked my head doing research the past 3 days and still can't login to the switch.  I am testing NPS via Windows Server 2012 R2.  My Cisco switch is a 3750 running 12.2 (55)SE10.

I have my NPS connected to Gi1/0/13 and a test computer on Gi1/0/15.  From my computer I can ping the NPS and vice versa.  Both the NPS and computer are on VLAN 100 which in this test I have setup as my management VLAN.

When I run the test aaa group radius server 192.x.x.17 testuser Password new-code I get the user successfully authenticated.  When I try and login to the Cisco switch I am unable to.


My NPS is setup as followed:

Radius clients

Friendly name test

ip address 192.x.x.16

shared secret cisco

advanced tab vendor name is Cisco.


Connection Policy:

Policy name test

condition with client friendly name being test

everything under the setting tab is left to default


Network Policy:

Policy Name Network Engineers

Policy enabled and grant access

Condition is user groups TestEnvironment\Network_Engineers

Client Friendly Name test

constraints is unencrypted PAP, SPAP

settings tab has standard with the service-type being login

vendor specific is cisco with shell:priv-lvl=15

everything else is left to the defaults








VIP Collaborator

Re: Can't login to Cisco 3750 Switch


 - Can you add the following to your switch configuration (check if it helps) :


radius-server attribute 6 on-for-login-auth
radius-server attribute 6 support-multiple
radius-server attribute 8 include-in-access-req
radius-server attribute 25 access-request include
radius-server attribute nas-port format d
radius-server attribute list custom
attribute 87



Re: Can't login to Cisco 3750 Switch

In this case I would look at the NPS server logs. What do you see in the NPS and in the security log?