Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1192
Views
2
Helpful
10
Replies

Nexus 9300 Radius Config Disappearing

ChrisHerrin
Level 1
Level 1

‎08-15-2023 03:59 AM - edited ‎08-15-2023 04:01 AM

Weird issue here. I have 2 Nexus 9300 running version 10.1(2) and both are encountering the same issue. I am setting up Radius on them and have entered all the info for the servers, groups, and associated access rules (such as "aaa authentication login default group radius <RADIUS GROUP NAME HERE> local"). Once I have configured all of this the info disappears outside of the access rules that I set up. I can see the info initially when I do a show run and show radius / radius-servers. I do a copy run start and try to login (unsuccessfully, it tells me it can't reach the configured radius servers). I go back in and all the info is gone and when I check the show run and sh radius / radius-servers it show 0 servers configured and 0 groups. Now when I go back in and try to re-add the servers with the radius key it tells me "Radius Command failed to comply". Also, I was going to reset the AAA settings by removing the AAA new-model and reapplying it but it does not seem to exist on the Nexus switches either. I have many catalyst switches and have never had an issue like this just the Nexus ones. Any help would be greatly appreciated!!

Thanks,

Chris

1 person had this problem
Labels:
0 Helpful
10 Replies 10

balaji.bandi
Hall of Fame
Hall of Fame

‎08-15-2023 06:29 AM

that is weired - is this both nexus in vPC ? classic ethernet right ?

check show run all (what is the outcome ?)

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

marce1000
VIP
VIP

‎08-15-2023 07:14 AM

 

             - Check the settings of the configuration register on the Nexus 9300 devices , 

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

ChrisHerrin
Level 1
Level 1
In response to marce1000

‎08-15-2023 07:37 AM

What is the command to check that? I can see it on catalyst devices with show version but it doesn't show on the Nexus switches.

0 Helpful

marce1000
VIP
VIP
In response to ChrisHerrin

‎08-15-2023 10:08 AM

 

 >What is the command to check that? (the configuration register) I can see it on catalyst devices with show version but it doesn't show on the Nexus switches.
  - Good remark , initially may remark came from the catalyst platform(s) too , where this can sometimes be the cause , I am not sure about that on the nexus platform ; you may for instance issue the command : show tech | inc reg
  Also check if the admin user used has sufficient privileges (level) to save the running-config to the startup-config , you may for instance after executing  the copy run start command  issue the command : show logging
                                Watch for errors related to privileges or other (if any)

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

ChrisHerrin
Level 1
Level 1
In response to marce1000

‎08-15-2023 11:46 AM

I still don't see the register there either. I added the radius group (again) and then just added the servers by themselves under the group and did a copy run start. When I do a show logging, I see a RADIUS_ERROR_MESSAGE: Problem in reading radius server group RADIUS_SETUP: configuration or group not found or  empty.

No errors regarding privilege but I literally just added the servers back under the group and it can't find the group or servers.

0 Helpful

marce1000
VIP
VIP
In response to ChrisHerrin

‎08-15-2023 11:11 PM

 

      >... RADIUS_ERROR_MESSAGE: Problem in reading radius server group RADIUS_SETUP: configuration or group not found or  empty.
- Similar to https://bst.cloudapps.cisco.com/bugsearch?pf=prdNm&kw=Problem%20in%20reading%20radius%20server%20group&bt=custV&sb=anfr ; this could be a bug , upgrade to the latest advisory software version for the 9300 and try again , 

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

ChrisHerrin
Level 1
Level 1

‎08-15-2023 07:23 AM

Attached in the text file are the commands I entered just now, and then what is showing up in the show run all and show radius-server.

 

 

Preview file
2 KB
0 Helpful

mialmo
Level 1
Level 1

‎04-02-2024 10:28 AM

I'm having this issue as well. Any resolution?

0 Helpful

ChrisHerrin
Level 1
Level 1
In response to mialmo

‎04-02-2024 12:01 PM

It turns out is was an issue with the version of the NXOS I was running. I removed all the config I could for AAA and upgraded to the latest version and everything started working as intended.

Richard Burts
Hall of Fame
Hall of Fame
In response to ChrisHerrin

‎04-03-2024 09:34 AM

Thanks for the update and for sharing your solution. The original issue was very odd, and that is consistent with the issue being a bug in the OS.

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card