Hi,
I have reloaded a Cisco 3548-XL (Software V12.05) and for some reason I cannot get
Radius to Authenticate,
I recieve an authentication failed when using a domain account. All other switches are working without problems on the same Windows IAS Server.
Any help appriciated.
Here is the config.
*****Cisco 3548*****
aaa new-model
aaa group server radius Radius_Servers
server 10.42.7.100
server 10.42.7.110
!
aaa authentication login default group Radius_Servers local
aaa authorization network default group Radius_Servers
aaa authorization auth-proxy default group Radius_Servers
aaa authorization configuration default group Radius_Servers
aaa accounting delay-start
aaa accounting nested
aaa accounting update newinfo
aaa accounting exec default start-stop group Radius_Servers
aaa accounting system default start-stop group Radius_Servers
interface VLAN41
ip address 10.10.0.19 255.255.248.0
ip helper-address 10.42.7.100
ip helper-address 10.42.7.110
ip helper-address 10.42.7.120
no ip directed-broadcast
no ip route-cache
!
ip default-gateway 10.10.0.1
ip radius source-interface VLAN41
radius-server host 10.42.7.100 auth-port 1645 acct-port 1646 key 7 *****
radius-server host 10.42.7.110 auth-port 1645 acct-port 1646 key 7 *****
*****AAA DEBUG*****
000088: Jan 6 18:34:42.586 GMT: AAA/AUTHEN/CONT (1524321245): continue_login (u
ser='testuser')
000089: Jan 6 18:34:42.586 GMT: AAA/AUTHEN (1524321245): status = GETPASS
000090: Jan 6 18:34:42.586 GMT: AAA/AUTHEN (1524321245): Method=Radius_Servers
(radius)
000091: Jan 6 18:34:42.615 GMT: AAA/AUTHEN (1524321245): status = ERROR
000092: Jan 6 18:34:42.615 GMT: AAA/AUTHEN/START (2368066011): port='tty0' list
='' action=LOGIN service=LOGIN
000093: Jan 6 18:34:42.615 GMT: AAA/AUTHEN/START (2368066011): Restart
000094: Jan 6 18:34:42.615 GMT: AAA/AUTHEN/START (2368066011): Method=LOCAL
000095: Jan 6 18:34:42.618 GMT: AAA/AUTHEN (2368066011): User not found, end of
method list
000096: Jan 6 18:34:42.618 GMT: AAA/AUTHEN (2368066011): status = FAIL
000097: Jan 6 18:34:44.644 GMT: AAA/MEMORY: free_user (0x539B98) user='testuser'
ruser='' port='tty0' rem_addr='async' authen_type=ASCII service=LOGIN priv=1
000098: Jan 6 18:34:44.644 GMT: AAA: parse name=tty0 idb type=-1 tty=-1
000099: Jan 6 18:34:44.644 GMT: AAA: name=tty0 flags=0x11 type=4 shelf=0 slot=0
adapter=0 port=0 channel=0
*****IAS SERVER LOG*****
10.10.0.19,testuser,01/06/
I have reloaded a Cisco 3548-XL (Software V12.05) and for some reason I cannot get
Radius to Authenticate,
I recieve an authentication failed when using a domain account. All other switches are working without problems on the same Windows IAS Server.
Any help appriciated.
Here is the config.
*****Cisco 3548*****
aaa new-model
aaa group server radius Radius_Servers
server 10.42.7.100
server 10.42.7.110
!
aaa authentication login default group Radius_Servers local
aaa authorization network default group Radius_Servers
aaa authorization auth-proxy default group Radius_Servers
aaa authorization configuration default group Radius_Servers
aaa accounting delay-start
aaa accounting nested
aaa accounting update newinfo
aaa accounting exec default start-stop group Radius_Servers
aaa accounting system default start-stop group Radius_Servers
interface VLAN41
ip address 10.10.0.19 255.255.248.0
ip helper-address 10.42.7.100
ip helper-address 10.42.7.110
ip helper-address 10.42.7.120
no ip directed-broadcast
no ip route-cache
!
ip default-gateway 10.10.0.1
ip radius source-interface VLAN41
radius-server host 10.42.7.100 auth-port 1645 acct-port 1646 key 7 *****
radius-server host 10.42.7.110 auth-port 1645 acct-port 1646 key 7 *****
*****AAA DEBUG*****
000088: Jan 6 18:34:42.586 GMT: AAA/AUTHEN/CONT (1524321245): continue_login (u
ser='testuser')
000089: Jan 6 18:34:42.586 GMT: AAA/AUTHEN (1524321245): status = GETPASS
000090: Jan 6 18:34:42.586 GMT: AAA/AUTHEN (1524321245): Method=Radius_Servers
(radius)
000091: Jan 6 18:34:42.615 GMT: AAA/AUTHEN (1524321245): status = ERROR
000092: Jan 6 18:34:42.615 GMT: AAA/AUTHEN/START (2368066011): port='tty0' list
='' action=LOGIN service=LOGIN
000093: Jan 6 18:34:42.615 GMT: AAA/AUTHEN/START (2368066011): Restart
000094: Jan 6 18:34:42.615 GMT: AAA/AUTHEN/START (2368066011): Method=LOCAL
000095: Jan 6 18:34:42.618 GMT: AAA/AUTHEN (2368066011): User not found, end of
method list
000096: Jan 6 18:34:42.618 GMT: AAA/AUTHEN (2368066011): status = FAIL
000097: Jan 6 18:34:44.644 GMT: AAA/MEMORY: free_user (0x539B98) user='testuser'
ruser='' port='tty0' rem_addr='async' authen_type=ASCII service=LOGIN priv=1
000098: Jan 6 18:34:44.644 GMT: AAA: parse name=tty0 idb type=-1 tty=-1
000099: Jan 6 18:34:44.644 GMT: AAA: name=tty0 flags=0x11 type=4 shelf=0 slot=0
adapter=0 port=0 channel=0
*****IAS SERVER LOG*****
10.10.0.19,testuser,01/06/
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 3 Comments.
Learn from the best
Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.
Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 3 Comments.
Try for 7 days”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.