10-15-2019 05:04 AM
hi
Can someone check it? Is it right config for radius on nexus switch?
radius-server host 10.100.0.5 key 7 "******" authentication accounting
aaa group server radius RadServer
aaa authentication login default group RadServer local
aaa accounting default group RadServer
aaa authentication login error-enable
server 10.100.0.5
use-vrf vsan
10-15-2019 05:13 AM - edited 10-15-2019 05:14 AM
here is example working config :
aaa group server radius RADIUS-BB
server x.x.x.x
server y.y.y.y
use-vrf management ( generally this go via Management, you can use any VRF which can reach to Radius servers)
radius-server host x.x.x.x key 7 "mykey" authentication accounting
radius-server host y.y.y.y key 7 "mykey2" authentication accounting <- if you have 2 Radius
radius-server directed-request
aaa authentication login console local <- in case if you lock out with Radius)
aaa authentication login default group RADIUS-BB Local
Do not write the config untill all tested and working
10-15-2019 09:11 PM - edited 10-15-2019 09:27 PM
1) Why did you use 2 server command? I have only one radius server (10.100.0.5). As i understand i can use only one server x.x.x.x command, right?
server x.x.x.x
server y.y.y.y
2) use-vrf management ( generally this go via Management, you can use any VRF which can reach to Radius servers).
In my case I have to use vrf vsan
3) For what do we use this command?
radius-server directed-request
4) what does Local mean at the end of this command?
aaa authentication login default group RADIUS-BB Local
Can you check the config now?
radius-server host 10.100.0.5 key 7 "******" authentication accounting
aaa group server radius RadServer
server 10.100.0.5
use-vrf vsan
aaa authentication login default group RadServer local
aaa accounting default group RadServer
aaa authentication login error-enable
aaa authentication login console local
but radius sever is not working. I cant remotely connect to the nexus switch with radius(active directory) user credentials. Radius on windows server is configured correct. the problem is on the nexus side
10-15-2019 05:35 AM
Hi,
Check the below guide:
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide