Usually AAA is setup so that

Andreas Schneider · ‎02-11-2015

Hello,

I tried to configure aaa (with radius) and local user authentication on a Nexus 7004 (Version 6.2(6a)), but did not get it to work.

Radius authentication is working fine(!), but I can't Login with a local created user (role vdc-Operator).

Any help is highly appreciated.

Kind regards,

Andreas

glen.grant · ‎02-11-2015

Usually AAA is setup so that the local password will only work if the Radius server goes down so try and test by disabling the radius and see if the local id works after that .

Andreas Schneider · ‎02-11-2015

Hi,

yes, I know that the fallback will jump in when no radius-Server responds, but I need the behaviour like the 6500'er (or 4500) act.(btw. local login works if radius is disabled, or local is the default, but if local is the default, radius Login no longer works) - Only one of the method at a time works.

On the 6500 I configured aaa with Windows NPS-Server and a local user (e.g. for the Cisco-LMS). This works fine. Even if the radius server is available, i can log into the device (via ssh) with the locally defined user-account.

What I miss is a kind of the command:

"aaa authentication login default local group radius"

"aaa authentication enable default enable"

(which works on the WS-C6509 or WS-C4500X).

Is there any chance to get this work on the Nexus7000?

Kind regards,

Andreas

Nexus 7000 aaa and local authentication