Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
631
Views
0
Helpful
1
Replies

RADIUS Authentication Error Across the Subnet

faiqmahdi
Level 1
Level 1

‎03-26-2014 10:51 AM - edited ‎03-04-2019 10:39 PM

Hi Guyz

I have configured Microsoft Server 2012 R2 as a RADIUS for Cisco IOS Devices

Server IP Address :  10.95.6.12

Router IP Address Fa 0/0.192                    ---->>>    192.193.194.195

Router IP Address Fa 0/0.6                          --->>>    10.95.6.1

Switch IP Address VLAN 192                     ---->>>    192.193.194.2010.95.6.11

Switch IP Address VLAN 6                          ---->>>    10.95.6.11

When i access the Cisco Devices RADIUS CLIENT with 10.95.6.x Subnet, It works fine 

When i access the Cisco Devices through RADIUS CLIENT 192.193.194.x Subnet, It does not pass through the RADIUS Authentication.

Attached in the Picture i can not access the 192.193.194.20 Device but I can access 10.95.6.1 Device.  As soon as I change the IP Address 10.95.6.11 I can access the Device.

 

Ping is successful across the  Routers / Switches and Server as well.  Below is unsuccessful debug details as well:

 

===

Home_Switch#
01:52:30: RADIUS/ENCODE(00000008): ask "Password: "
Home_Switch#
01:52:41: RADIUS/ENCODE(00000008):Orig. component type = EXEC
01:52:41: RADIUS:  AAA Unsupported Attr: interface         [171] 4   
01:52:41: RADIUS:   74 74                [ tt]
01:52:41: RADIUS/ENCODE(00000008): dropping service type, "radius-server attribute 6 on-for-login-auth" is off
01:52:41: RADIUS(00000008): Config NAS IP: 0.0.0.0
01:52:41: RADIUS/ENCODE(00000008): acct_session_id: 8
01:52:41: RADIUS(00000008): sending
01:52:41: RADIUS/ENCODE: Best Local IP-Address 10.95.6.11 for Radius-Server 10.95.6.12
01:52:41: RADIUS(00000008): Send Access-Request to 10.95.6.12:1812 id 1645/6, len 85
Home_Switch#
01:52:41: RADIUS:  authenticator 95 FB 3F FE 79 BB AA D6 - C9 26 F4 EC 95 32 80 06
01:52:41: RADIUS:  User-Name           [1]   7   "cisco"
01:52:41: RADIUS:  User-Password       [2]   18  *
01:52:41: RADIUS:  NAS-Port            [5]   6   2                         
01:52:41: RADIUS:  NAS-Port-Id         [87]  6   "tty2"
01:52:41: RADIUS:  NAS-Port-Type       [61]  6   Virtual                   [5]
01:52:41: RADIUS:  Calling-Station-Id  [31]  16  "192.193.194.50"
01:52:41: RADIUS:  NAS-IP-Address      [4]   6   10.95.6.11                
01:52:41: RADIUS(00000008): Started 5 sec timeout
Home_Switch#
01:52:46: RADIUS(00000008): Request timed out 
01:52:46: RADIUS: Retransmit to (10.95.6.12:1812,1813) for id 1645/6
01:52:46: RADIUS(00000008): Started 5 sec timeout
Home_Switch#

 

===

 

Any help will really appreciate. 

 

 

 

Labels:
Preview file
25 KB
0 Helpful
1 Reply 1

Leo Laohoo
Hall of Fame
Hall of Fame

‎03-26-2014 02:46 PM

Duplicate posts.  

 

Go here:  http://supportforums.cisco.com/discussion/12154866/radius-authentication-error-across-subnet

0 Helpful
Customers Also Viewed These Support Documents