Solved: Re: PROBLEM LOCAL AUTHENTICATION IN CISCO CATALYST 9200

motas · ‎04-14-2023

Hello everyone, I have a cisco catalyst 9200, it has created an admin user with a defined password, but in addition to the admin user, when logging in with any other different credentials it works.

example :
user : XYZ
password: uhbfuew
It works, how to block it? I just want the admin user to be able to log into this device.

Follow config:
aaa authentication login default local group radius
aaa authorization exec default local group radius

motas · ‎05-11-2023

Hello everyone,

Sorry for the delay in response, the problem has been resolved, we identified that the security flaw was in the radius server, we removed it from the AAA settings on the switch and the problem was solved.

Previous configuration:

aaa authentication login default local group radius

aaa authorization exec default local group radius

New configuration:

aaa authentication login default local

aaa authorization exec default local

Thank you all for your help.

View solution in original post

marce1000 · ‎04-14-2023

- Make sure to have a unique admin user defined in the running-config too as in :
username <admin_username> privilege 15

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

MHM Cisco World · ‎04-15-2023

can you more elaborate what issue here >?

motas · ‎04-15-2023

My equipment has only one user, which is the admin user, but when entering via ssh and placing any character, it allows it and enters user configuration mode.

MHM Cisco World · ‎04-15-2023

are you use ISE as radius server ??

marce1000 · ‎04-15-2023

- Post the full running config of the 9200 ,

M.