[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 609
  • Last Modified:

Cisco 3750 SFP - Radius Issue


I have a Cisco 3750 - 12 SFP. It uses Radius authentication. The problem is that I have a network issue and I dont have access to that Radius server, so I am unable to log in to the switch.

I have tried username offline and blank password but doesnt allow me to log in.

How can I get access to this switch without resetting its config now ?

1 Solution
You will need to use whatever alternative you configured. Usually local is at the end of the authenication login method list so that a configured local user/password can be used if connectivity to authentication servers fails.

Alternatively, you can try and connect to the switch device manager by http using your browser, as long as the http server has not been disabled on the switch. Use the secret password or enable password if it has been set.
In the worst case scenario, you could look at using password recovery. If this has been disabled, your only other option is to wipe the config and reconfigure from scratch.

Do you have a local username and password defined on the switch and did you configure local in addition to radius?

username local password password
aaa authentication default group radius local
Istvan KalmarCommented:

Ig you not have local username and local authentication you not able to login till you npt recovered the device...

I advise to PUT another SFP for radius uplink and login, all SFP slot hotplug!

The above answers are very accurate. Setting a usename and password locally is a great option and should be a definite practice when authenticating to a RADIUS server. LIke the others state, when you loose access to RADIUS, you loose the ability to login through telnet/ssh.

Is it possible you could direct someone locally to connect through the console cable and see if they're able to access, hopefully you have that wide open - I mean it's a shot in the dark, but maybe you'll get lucky. Then you could instruct them how to put a temporary username and password, this would allow you to get to it remotely till the issue is resolved. The only other possibility is through Web, if http server is active.

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now