Solved

Cisco RADIUS authentication fails intermittently.

Posted on 2016-07-18
5
133 Views
Last Modified: 2016-07-25
Does anyone knows why I'm getting these messages every 40-60 seconds, Cisco ACS server dead-alive-deadagain-and so on??
Note: Just happen in cisco switch 3750 stacked with port-channels configured.
 
230577: .Jul 18 12:29:52: %RADIUS-6-SERVERALIVE: Group radius: Radius server 192.168.0.10:1812,181 is responding again (previously dead).
230574: .Jul 18 12:29:20: %RADIUS-3-ALLDEADSERVER: Group radius: No active radius servers found. Id 164
 
show version:
C3750 Software (C3750-IPBASEK9-M), Version 15.0(2)SE4
 
Radius configuration:
aaa authentication login default local
aaa authentication dot1x default group radius
aaa authorization console
aaa authorization exec default local
aaa authorization network default group radius
aaa accounting dot1x default start-stop group radius
aaa accounting system default start-stop group radius
 
radius server RMN
 address ipv4 192.168.0.10 auth-port 1812 acct-port 181
 automate-tester username cisco ignore-acct-port
 key 7 **************
0
Comment
Question by:Hector2016
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 1

Expert Comment

by:Keshwarsingh Nadan
ID: 41719823
Can you share some more details on your etherchannel(s) ?
0
 
LVL 7

Accepted Solution

by:
Hector2016 earned 0 total points
ID: 41721353
Problem solved.
Sorry for the noise.
It was a human error on the config.
0
 
LVL 7

Author Comment

by:Hector2016
ID: 41724852
On the CISCO ACS web interface, you go to the properties of the Switch that is having the intermitence, then re-set the password field.

This happened because the IE auto-filled the field password with a catched value that was not the correct one, I didn't see the error because the password field does not show the actual characters, so I had to re-enter the correct password, and that solved the issue.
0
 
LVL 7

Author Closing Comment

by:Hector2016
ID: 41727380
It was a human error on the cisco config.
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Adnexus.net keeps getting hit from OpenDNS 12 62
Cisco SRST questions 5 27
Router speed limit 7 63
DFS replication issue 7 23
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question