AAA Policy --- IAS with Fallback to Local DB

Unanswered Question

I am trying to create AAA policy that will authenticate users via IAS but fallback to local DB if network is not available. I have successfully configured IAS to properly authenticate vty and console users but I get "access-denied" when using the single local user I set up.

I configured as follows:

Router(config)# aaa new-model

Router(config)# radius-server host key *******

Router(config)# ip radius source-interface Vlan1

Router(config)# aaa authentication login mylist group radius local

Then I apply this command to con0 and vty 0 15 lines.

Router(config-line)#login authentication mylist

Thanks in advance....

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
srue Fri, 01/11/2008 - 20:38
User Badges:
  • Blue, 1500 points or more

the radius server must be unavailable for it to fall back to the local database.. stop IAS and try it.

(you do have a username/password configured on the router, right?)


This Discussion