Hi expert guys
I am trying to configure authentication login with radius server. This configuration is working fine with 2960, 3860, but something wrong with my 4507
- I am using Windows server radius services (following by this guide line https://www.youtube.com/watch?v=KfJPqXfaKSE )
- From 2960, 3860: user privilege 15 and privilege 1 are authenticated right, i can see everything by "debug radius; terminal monitor"
- From 4507: user privilege 15 is authenticated fine, but user privilege 1 is not authenticated, and the crazy thing is that i can not see log with these commands "debug radius; terminal monitor" even user is authenticated or not.
4507 version and configurations:
sh version
Cisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSALK9-M), Version 03.06.06.E RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2016 by Cisco Systems, Inc.
Compiled Fri 16-Dec-16 21:17 by prod_rel_team
Cisco IOS-XE software, Copyright (c) 2005-2015 by cisco Systems, Inc.
All rights reserved. Certain components of Cisco IOS-XE software are
licensed under the GNU General Public License ("GPL") Version 2.0. The
software code licensed under GPL Version 2.0 is free software that comes
with ABSOLUTELY NO WARRANTY. You can redistribute and/or modify such
GPL code under the terms of GPL Version 2.0.
(http://www.gnu.org/licenses/gpl-2.0.html) For more details, see the
documentation or "License Notice" file accompanying the IOS-XE software,
or the applicable URL provided on the flyer accompanying the IOS-XE
software.
ROM: 15.0(1r)SG14
XXXX uptime is 44 weeks, 4 days, 21 hours, 37 minutes
Uptime for this control processor is 44 weeks, 4 days, 21 hours, 39 minutes
System returned to ROM by power-on
System restarted at 13:44:56 HaNoi Mon Jul 8 2019
System image file is "bootflash:/cat4500e-universalk9.SPA.03.06.06.E.152-2.E6.bin"
Jawa Revision 7, Snowtrooper Revision 0x0.0x1C
Radius configuration (same configuration with 2960 and 3860)
username xxx privilege 15 password a
aaa new-model
aaa group server radius RADIUS-SERVER
server name RADIUS-68
server name RADIUS-86
aaa authentication login default local group RADIUS-SERVER
aaa authorization exec default local group RADIUS-SERVER
radius server RADIUS-68
address ipv4 x.x.x.x auth-port 1812 acct-port 1646
key xxxxxx
radius server RADIUS-86
address ipv4 x.x.x.x auth-port 1812 acct-port 1646
key xxxxxx
privilege configure all level 1 interface
privilege exec level 1 show running-config
privilege exec level 1 show configuration
privilege exec level 1 show
ip radius source-interface Vlan1
===========
Tks so much