AAA Policy --- IAS with Fallback to Local DB

Unanswered Question

I am trying to create AAA policy that will authenticate users via IAS but fallback to local DB if network is not available. I have successfully configured IAS to properly authenticate vty and console users but I get "access-denied" when using the single local user I set up.


I configured as follows:


Router(config)# aaa new-model

Router(config)# radius-server host 10.1.1.1 key *******

Router(config)# ip radius source-interface Vlan1

Router(config)# aaa authentication login mylist group radius local


Then I apply this command to con0 and vty 0 15 lines.


Router(config-line)#login authentication mylist


Thanks in advance....

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
srue Fri, 01/11/2008 - 20:38
User Badges:
  • Blue, 1500 points or more

the radius server must be unavailable for it to fall back to the local database.. stop IAS and try it.

(you do have a username/password configured on the router, right?)


Actions

This Discussion