Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1328
Views
0
Helpful
1
Replies

3850 Radius authentication with NPS

trylvis123
Level 1
Level 1

‎05-12-2017 08:17 AM - edited ‎03-08-2019 10:33 AM

Hi everyone,

Working on setting up some new 3850 switches, and I have some problems getting aaa radius authentication up running.

I've used the same config as on some 2960X switches, but I get the "Access denied" error when I try to log on.

I use a Windows NPS server as radius, and wonder if there is any different settings for 3850, versus 2960X? I've set the radius attributes:
Name: Cisco-AV-Pair
Vendor: Cisco
Value: shell:priv-lvl=15

Which work for the 2960X switches, but not 3850.

Config looks like this:

aaa new model

aaa group server radius TEST

server-private 192.168.1.1 key 0 mykeymykey

aaa authentication login default group TEST local

aaa autorization login default group TEST local

line vty 0 15

transport input ssh

Thanks in advance!

3 people had this problem
Labels:
0 Helpful
1 Reply 1

gtucker@caraustar.com
Level 1
Level 1

‎02-14-2019 08:07 PM

We have exact issue too.  2960x (24 & 48 port) work fine, but all 2960CX 8-port and our 3850 units do not work with same aaa config.  Is there hardware/boot rom/ or implementation differences for 3850 and 2960CX 8-port devices that would work so differently?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card