Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
17683
Views
30
Helpful
7
Replies

Line has invalid autocommand " ppp negotiate"

Go to solution
tomas.backo
Level 1
Level 1

‎05-02-2007 06:54 AM - edited ‎03-10-2019 03:08 PM

Hi all,

i am trying to deploy radius authentication on my switches.

aaa authentication login default group radius local

aaa authorization exec default group radius local

I think that these two command is everythink what i need for radius authentication and authorization.

But when i try to login i get error message:

Line has invalid autocommand " ppp negotiate"

Please could you help me? I try to use command

line vty 0 15

no autocommand ppp negotiate

but with no success.

Please i need you urgent help.

Thanks a lot

Tomas

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jagdeep Gambhir
Level 10
Level 10

‎05-02-2007 09:43 AM

Tomas,

This message is seen when switch has exec authorizaton configured,and the RADIUS server has settings for a PPP connection. Therefore the switch is attempting to start PPP as it was asked to do by the RADIUS server. PPP can't be started on a telnet connection, so it fails and disconnects.

Suggestion : Either remove exec authorization or remove the Service-Type=Framed and/or

Framed-Protocol=PPP attributes from the RADIUS profile.

I hope the information would help resolving your query.

View solution in original post

7 Replies 7

Go to solution
Jagdeep Gambhir
Level 10
Level 10

‎05-02-2007 09:43 AM

Tomas,

This message is seen when switch has exec authorizaton configured,and the RADIUS server has settings for a PPP connection. Therefore the switch is attempting to start PPP as it was asked to do by the RADIUS server. PPP can't be started on a telnet connection, so it fails and disconnects.

Suggestion : Either remove exec authorization or remove the Service-Type=Framed and/or

Framed-Protocol=PPP attributes from the RADIUS profile.

I hope the information would help resolving your query.

Go to solution
tomas.backo
Level 1
Level 1
In response to Jagdeep Gambhir

‎05-02-2007 11:13 PM

Hi igambhir,

thank very much, i remove service-type and framed-protocol from radius, and that error message doesn't appear again.

But new problem arised for me :)

Authorization failed

But i don't know why?

I have command

aaa authorization exec default group radius

and i expect that when i am able to authenticate on radius i will be able to authorized also.

It is needed to set somethning on microsoft radius server?

Thanks in advance

Tomas

0 Helpful

Go to solution
Jagdeep Gambhir
Level 10
Level 10
In response to tomas.backo

‎05-03-2007 05:43 AM

Make service type = Login

If still error is there , get debugs

debug authorization

debug radius

Go to solution
imperialme
Level 1
Level 1
In response to Jagdeep Gambhir

‎10-10-2017 08:33 AM

Worked like a charm for my setup. Much thanks.

0 Helpful

Go to solution
jayznetwork
Level 1
Level 1
In response to tomas.backo

‎02-24-2022 12:26 PM

Hi tomas, 

can you tell me how did you remove the framed-protocol from radius ? I'm having the same problem

Go to solution
robert.dumitru
Level 1
Level 1
In response to Jagdeep Gambhir

‎04-20-2022 04:51 AM

You are the Best  

Work like a charm

you made my day

0 Helpful

Go to solution
chenriquevz
Level 1
Level 1

‎10-05-2010 11:39 AM

If you are using IAS on Windows 2k3 you can apply the "Request must contain the message authenticator attribute" check box to your switch profile!

0 Helpful
Customers Also Viewed These Support Documents