Solved: Re: RADIUS Authentication - Page 2

soypablocr · ‎12-20-2018

I'm trying to setup radius authentication on my WS-C2960X-48FPS-L switch I setup the following values:

aaa authentication fail-message ^CCCCCCAuthentication Failed; Try again. ^C

aaa authentication login default group radius local

aaa authentication login local_auth group radius

aaa authorization exec default group radius local

aaa authorization network default local

radius server RAD01-PRD-BIG

address ipv4 172.20.60.85 auth-port 1645 acct-port 1646

key 7 062F311559061B275C05353B2D

but when I try to test the connectivity using this command:

test aaa group radius server 172.20.60.85 (DOMAINUSER) (PASSWORD) legacy

It shows this message:

Attempting authentication test to server-group radius using radius
User authentication request was rejected by server.

I check the key and the server and for other devices works fine but I don't know if I missing something in the config. Any help will be well received

Thanks

soypablocr · ‎12-21-2018

HI Richard,

This is not implemented yet. But what would be the command list that you will recommend me to implement? I am looking for the best solution also in case something happen with RADIUS server we still can login with the local login.

Seb Rupik · ‎12-22-2018

If you want to ensure you have a fallback, on any method just add the 'local' keyword to the end of any AAA method. This will ensure the local user database is used should any of the preceding user data stores are unreachable.

cheers,

Seb.