RADIUS Cisco Catalyst 6807-XL

I have configured RADIUS authentication using IOS 12.4. I'm very new to the RADIUS configuration using IOS 15.3. I have a Cisco Catalyst 6807-XL switch which I need to configure to authenticate using RADIUS but it doesn't seem to work. The authentication using local database works fine though.
Ravindra PillayCCNA/CCNP InstructorAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JustInCaseCommented:
Generally, commands can be found in article - Configuring Authentication, maybe something I missed in the process, or you need something that is not included in configuration below (so please test it before going into production). I added new radius configuration commands (currently present in article radius-server host 192.0.2.3 auth-port 1645 acct-port 1646 command is deprecated).  

aaa new-model  
aaa authenticaton login default group radius local  
aaa authentication enable default group radius enable  
aaa authorization exec default group radius local  
!  
ip radius source-interface <interface>
!  
radius server <name>
 address ipv4 <ip_address> auth-port 1812 acct-port 1813 key XXXXXXXXX
 key <password>
!
radius-server retransmit 3  
!
interface gi1/0/1
 authentication port-control auto
!
! if you want authenticate admin via RADIUS implement on console and vty lines
!
line vty 0 15
 login authentication default
!
line console
  login authentication default

Open in new window

1

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Ravindra PillayCCNA/CCNP InstructorAuthor Commented:
Hi Predrag, thanks for your contribution. The below command doesn't seem to be going through:
address ipv4 <ip_address> auth-port 1812 acct-port 1813 key XXXXXXXXX. It only takes the command up to the acc-port 1813.
0
JustInCaseCommented:
There are commands that are device dependable.
On some devices only IP is accepted.
1
The Five Tenets of the Most Secure Backup

Data loss can hit a business in any number of ways. In reality, companies should expect to lose data at some point. The challenge is having a plan to recover from such an event.

JustInCaseCommented:
I just noticed key in the same line with IP address - it is obvious error.
You can find good article regarding RADIUS implementation on Cisco page- Demystifying RADIUS Server Configurations
0
Ravindra PillayCCNA/CCNP InstructorAuthor Commented:
Thanks Predrag, I need to troubleshoot this further. I have been reading many articles and also discovered that I will need the Cisco AV Pair configurations to make this work.
0
JustInCaseCommented:
I never configured RADIUS server itself, on the other hand switch RADIUS and TACACS+ configuration is part of day to day operations.
0
Ravindra PillayCCNA/CCNP InstructorAuthor Commented:
i was missing the command ip ssh source interface which solved the issue
0
Ravindra PillayCCNA/CCNP InstructorAuthor Commented:
Hi Predrag, many thanks for your assistance in solving the RADIUS issue. The command ip ssh source interface was missing so when i added that command, things started to function.
0
JustInCaseCommented:
You're welcome.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Cisco

From novice to tech pro — start learning today.