RADIUS & Odd user trying to login

Unanswered Question
Sep 3rd, 2008
User Badges:

I recently setup my main switches and routers to use RADIUS for Telnet sessions and am seeing something odd. There is a user being passed from SC0 of a 6509 switch called "azbycx" to RADIUS but is being denied of course. This happens every 5 minutes. I have done a capture on both SC0 via a SPAN as well as the entire VLAN the SC0 is on and all I see is the traffic to and from the RADIUS server. There is nothing external trying to connect.


Has anyone ever seen this before?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
andrew.butterworth Wed, 09/03/2008 - 23:35
User Badges:
  • Gold, 750 points or more

This is a known 'feature' with CatOS. It is a Radius Keepalive and by default it is enabled and set to 5-minutes. This results in your switch sending a Radius request to all configured Radius servers with the username 'azbycx' every 5-minutes to determine if the servers are 'Dead' or 'Active'.


http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/catos/8.x/command/reference/set_po_r.html#wp1818349


HTH


Andy


Please rate helpful posts

Actions

This Discussion