problems with cisco 3550 and radius

Unanswered Question
Apr 19th, 2007
User Badges:

for some reason when we shutdown the metro lan port gigabitethernet, and we are trying to get in into the switch using our credentials it default back to user level and we cant use "enable command" even though we have both radius servers in both sides with level 15 access


any help will be appreciated

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
royalblues Thu, 04/19/2007 - 23:44
User Badges:
  • Green, 3000 points or more

what was the source interface configured for the radius authentication?


Narayan

Richard Burts Fri, 04/20/2007 - 07:30
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

From the description of the symptoms in the original post I believe that Narayan is on the right track. It sounds like the port that is being shut down has the IP address that the Radius server is configured to use. With the port shut down it sounds like a different address is being used as the source address for the authentication request, but the Radius server will not authenticate the request because it is from a source address that it does not recognize. The solution to this issue is usually to configure an address to use (like a loopback) so that no matter what interface is used to send the authentication request the source address will be the one the Radius server is expecting. Can the original poster confirm whether this is the case or not?


HTH


Rick

Actions

This Discussion