troubleshooting Question

Urgent! Radius / Cisco 2600 User not found

Avatar of chiefcrazythumb
chiefcrazythumb asked on
NetworkingHardware FirewallsInternet Protocol Security
13 Comments1 Solution775 ViewsLast Modified:

Hi,

I'm new to Radius; I'm setting this up to Authenticate users through a Cisco 2600 to a W2k server.  I have set up the Cisco as shown below and gone through the basic set up of installing the IAS and configuring a client with the IP address of the Cisco router.  I have registered the service in Active Directory and stopped and started the IAS service.  I am getting the errors at the bottom (included the debug information).  I am using my own AD username but get "user not found" error.  I don’t know why this is happening.  I have tried this on two servers and get the same error.  I may have omitted a step somewhere but I don’t know where.  If you can help me resolve this you will get 500 points and an A on quality.  


 version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname xxxxxxx
!
aaa new-model
aaa authentication ppp default radius none
enable secret 5 xxxxxxxxxxxxxxxxxxxxxxx
!
ip subnet-zero
!
!
!
!
!
interface Loopback1
 description Local DLSW address
 ip address x.x.x.x 255.255.255.0
 no ip directed-broadcast
!
interface Ethernet0/0
 ip address x.x.x.x 255.255.255.0
 no ip directed-broadcast
!
router eigrp 1
 network 10.0.0.0
 network 40.0.0.0
 no auto-summary
!
ip classless
!
access-list 110 deny   tcp any host x.x.x.x eq 1024
access-list 110 deny   ip any host x.x.x.x
access-list 110 deny   ip any host x.x.x.x
access-list 110 permit ip 10.0.0.0 0.255.255.255 any
access-list 110 permit ip 40.0.0.0 0.255.255.255 any
access-list 110 deny   ip any any
access-list 1000 permit FFFFFFFF 4
radius-server host x.x.x.x auth-port 1645 acct-port 1646
radius-server key xxxxx
!
line con 0
 login authentication no_radius
 transport input none
line aux 0
 exec-timeout 0 0
 modem InOut
 transport input all
 flowcontrol hardware
line vty 0 1
 exec-timeout 60 0
 password xxxxxx
line vty 2 4
!
no scheduler allocate
end

Waco2511R#      
2d18h: AAA: parse name=tty66 idb type=-1 tty=-1
2d18h: AAA: name=tty66 flags=0x11 type=5 shelf=0 slot=0 adapter=0 port=66 channel=0
2d18h: AAA/AUTHEN: create_user (0x81094B04) user='' ruser='' port='tty66' rem_addr='x.x.x.x' authen_type=ASCII service=LOGIN priv=1
2d18h: AAA/AUTHEN/START (713788845): port='tty66' list='' action=LOGIN service=LOGIN
2d18h: AAA/AUTHEN/START (713788845): non console login - defaults to local database
2d18h: AAA/AUTHEN/START (713788845): Method=LOCAL
2d18h: AAA/AUTHEN (713788845): status = GETUSER
2d18h: AAA/AUTHEN/CONT (713788845): continue_login (user='(undef)')
2d18h: AAA/AUTHEN (713788845): status = GETUSER
2d18h: AAA/AUTHEN/CONT (713788845): Method=LOCAL
2d18h: AAA/AUTHEN (713788845): status = GETPASS
2d18h: AAA/AUTHEN/CONT (713788845): continue_login (user='xxxxx')
2d18h: AAA/AUTHEN (713788845): status = GETPASS
2d18h: AAA/AUTHEN/CONT (713788845): Method=LOCAL
2d18h: AAA/AUTHEN (713788845): User not found
2d18h: AAA/AUTHEN (713788845): status = FAIL
2d18h: AAA/AUTHEN: free_user (0x81094B04) user='damcp' ruser='' port='tty66' rem_addr='10.64.9.139' authen_type=ASCII service=LOGIN priv=1
2d18h: AAA: parse name=tty66 idb type=-1 tty=-1
2d18h: AAA: name=tty66 flags=0x11 type=5 shelf=0 slot=0 adapter=0 port=66 channel=0
2d18h: AAA/AUTHEN: create_user (0x81094B04) user='' ruser='' port='tty66' rem_addr='10.64.9.139' authen_type=ASCII service=LOGIN priv=1
2d18h: AAA/AUTHEN/START (487990743): port='tty66' list='' action=LOGIN service=LOGIN
2d18h: AAA/AUTHEN/START (487990743): non console login - defaults to local database
2d18h: AAA/AUTHEN/START (487990743): Method=LOCAL
2d18h: AAA/AUTHEN (487990743): status = GETUSER
ASKER CERTIFIED SOLUTION
Join our community to see this answer!
Unlock 1 Answer and 13 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 13 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros