Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
2713
Views
0
Helpful
0
Comments

Unable to login to WLC even after the successful authentication message is received from the RADIUS Server

TCC_2
Level 10
Level 10

‎06-22-2009 05:06 PM - edited ‎11-18-2020 02:36 AM

Resolution

For the Remote Access Dial-In User Service (RADIUS) user to login to the controller, the login user entry in the RADIUS server has to be associated with an attribute, Service-Type.If this attribute is not sent back to the controller from the ACS, the authentication finishes successfully (access-accept) and you do not see any authorization error on the controller, even with debug aaa all enable.  But, you are prompted again for authentication. The only thing missing in the RADIUS return packet is the service type 6 attribute.

Refer to the Before Using RADIUS Attributes section of RADIUS Attributes for more information on how to configure the service-type attribute.

Problem Type

Cannot console or telnet or GUI into a device

Products

Wireless LAN Controllers

Security Options

LEAP / RADIUS

Authentication

Device Access Method

GUI Interface

Telnet

Terminal Server / Console

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents