cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1194
Views
2
Helpful
10
Replies

Nexus 9300 Radius Config Disappearing

ChrisHerrin
Level 1
Level 1

Weird issue here. I have 2 Nexus 9300 running version 10.1(2) and both are encountering the same issue. I am setting up Radius on them and have entered all the info for the servers, groups, and associated access rules (such as "aaa authentication login default group radius <RADIUS GROUP NAME HERE> local"). Once I have configured all of this the info disappears outside of the access rules that I set up. I can see the info initially when I do a show run and show radius / radius-servers. I do a copy run start and try to login (unsuccessfully, it tells me it can't reach the configured radius servers). I go back in and all the info is gone and when I check the show run and sh radius / radius-servers it show 0 servers configured and 0 groups. Now when I go back in and try to re-add the servers with the radius key it tells me "Radius Command failed to comply". Also, I was going to reset the AAA settings by removing the AAA new-model and reapplying it but it does not seem to exist on the Nexus switches either. I have many catalyst switches and have never had an issue like this just the Nexus ones. Any help would be greatly appreciated!!

Thanks,

Chris

10 Replies 10

balaji.bandi
Hall of Fame
Hall of Fame

that is weired - is this both nexus in vPC ? classic ethernet right ?

check show run all (what is the outcome ?)

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

marce1000
VIP
VIP

 

             - Check the settings of the configuration register on the Nexus 9300 devices , 

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

What is the command to check that? I can see it on catalyst devices with show version but it doesn't show on the Nexus switches.

 

 >What is the command to check that? (the configuration register) I can see it on catalyst devices with show version but it doesn't show on the Nexus switches.
  - Good remark , initially may remark came from the catalyst platform(s) too , where this can sometimes be the cause , I am not sure about that on the nexus platform ; you may for instance issue the command : show tech | inc reg
  Also check if the admin user used has sufficient privileges (level) to save the running-config to the startup-config , you may for instance after executing  the copy run start command  issue the command : show logging
                                Watch for errors related to privileges or other (if any)

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

I still don't see the register there either. I added the radius group (again) and then just added the servers by themselves under the group and did a copy run start. When I do a show logging, I see a RADIUS_ERROR_MESSAGE: Problem in reading radius server group RADIUS_SETUP: configuration or group not found or  empty.

No errors regarding privilege but I literally just added the servers back under the group and it can't find the group or servers.

 

      >... RADIUS_ERROR_MESSAGE: Problem in reading radius server group RADIUS_SETUP: configuration or group not found or  empty.
- Similar to https://bst.cloudapps.cisco.com/bugsearch?pf=prdNm&kw=Problem%20in%20reading%20radius%20server%20group&bt=custV&sb=anfr ; this could be a bug , upgrade to the latest advisory software version for the 9300 and try again , 

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

ChrisHerrin
Level 1
Level 1

Attached in the text file are the commands I entered just now, and then what is showing up in the show run all and show radius-server.

 

 

mialmo
Level 1
Level 1

I'm having this issue as well. Any resolution?

It turns out is was an issue with the version of the NXOS I was running. I removed all the config I could for AAA and upgraded to the latest version and everything started working as intended.

Thanks for the update and for sharing your solution. The original issue was very odd, and that is consistent with the issue being a bug in the OS.

HTH

Rick
Review Cisco Networking for a $25 gift card