AAA authentication error

Unanswered Question
Jan 31st, 2008


I have installed ACS 4.1 and is using a 3560 Switch,the only configuration on ACS is the "AAA Client" which is my Switch host name and its ip address. and the secrect key is the same as the AAA server sercet key.the comunication betweent he server and the client is just find,but when i try to connect my prompts me for the credentials but returns back with an wror messsage on ACS "Invalid message Athenticator in EAP request "....message type .."Bad Request from NAS". and i the error message on the switch is %Radius %_Dead:Radius Server port 1813,1812 is no responding.

Please find my switch configuration below :

aaa new-model

aaa authentication login default group radius

aaa authentication dot1x default group radius

aaa authorization network default group radius

aaa accounting dot1x default start-stop group radius





dot1x system-auth-control

no file verify auto

spanning-tree mode pvst

spanning-tree extend system-id

interface GigabitEthernet0/1

switchport mode access

dot1x pae authenticator

dot1x port-control auto

interface GigabitEthernet0/26


interface GigabitEthernet0/27


--More-- interface GigabitEthernet0/28


interface Vlan1

ip address


ip classless

ip http server

ip http secure-server



radius-server host auth-port 1812 acct-port 1813 key [email protected]

radius-server source-ports 1645-1646





line con 0

line vty 5 15



Switch#telnet 1812

Trying, 1812 ...

% Connection timed out; remote host not responding

Switch#telnet 1813

telnet 18132


Sending 5, 100-byte ICMP Echos to, timeout is 2 seconds:


Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms

Kindly Suggest


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
ebreniz Wed, 02/06/2008 - 14:11

This message indicates that the system is unable to establish connection with any of the RADIUS servers. [dec] is the identification number of the RADIUS request packet. Check network connectivity.

datou1984923 Thu, 02/07/2008 - 04:31

you can change this command that radius-server host [email protected]

datou1984923 Thu, 02/07/2008 - 04:33

you can try this command that radius-server host key [email protected]


This Discussion