Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3513
Views
0
Helpful
2
Replies

Radius authentication failed

Ha Dao
Level 1
Level 1

‎05-17-2020 07:23 PM - edited ‎05-17-2020 07:23 PM

Hi guys

 

I am trying to configure authentication login with radius server. The configuration is working fine with 2960, 3860, but something wrong with my 4507

 

- From 2960, 3860: user privilege 15 and privilege 1 are authenticated right, i can see everything by "debug radius; terminal monitor"

- From 4507: user privilege 15 is authenticated fine, but user privilege 1 is not authenticated, and i can not see log with these commands "debug radius; terminal monitor" even user is authenticated or not.

 

Radius configuration (same configuration with 2960 and 3860)

 

username admin privilege 15 password abc123

aaa new-model

aaa group server radius RADIUS-SERVER

 server name RADIUS-68

 server name RADIUS-86

 

 

 

aaa authentication login default local group RADIUS-SERVER

aaa authorization exec default local group RADIUS-SERVER

 

radius server RADIUS-68

 address ipv4 x.x.x.x auth-port 1812 acct-port 1646

 key xxxxxx

radius server RADIUS-86

 address ipv4 x.x.x.x auth-port 1812 acct-port 1646

 key xxxxxx

 

privilege configure all level 1 interface

privilege exec level 1 show running-config

privilege exec level 1 show configuration

privilege exec level 1 show

 

ip radius source-interface Vlan1

 

 

 

Labels:
0 Helpful
2 Replies 2

marce1000
VIP
VIP

‎05-18-2020 02:55 AM

 

 - What's in the radius server's logs for the failed requests from the 4507 ?

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful

Ha Dao
Level 1
Level 1
In response to marce1000

‎05-18-2020 03:37 AM

Because i don't control the radius so i can't get log. The important thing for me is why 4507 doesn't show any log even i use debug radius command:

 

CORE-C4507-VSS#debug radius
Radius protocol debugging is on
Radius protocol brief debugging is off
Radius protocol verbose debugging is off
Radius packet hex dump debugging is off
Radius packet protocol debugging is on
Radius elog debugging debugging is off
Radius packet retransmission debugging is off
Radius server fail-over debugging is off
CORE-C4507-VSS#ter
CORE-C4507-VSS#terminal moni
CORE-C4507-VSS#terminal monitor
CORE-C4507-VSS#

 

After these commands, i am trying to login, even it success or failed, nothing output

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card