02-25-2009 12:08 PM - edited 03-06-2019 04:15 AM
I'm trying to setup my switches to authenticate users via Microsoft IAS to allow for management. I have followed may links I have found on the web, but I get a failure for some reason.
IAS shows the user has been granted access but the switch shows % Authentication failed.
I have this setup on one of my switches:
aaa new-model
aaa authentication login default group radius local
aaa session-id common
radius-server host 10.52.10.4 auth-port 1812 acct-port 1813
radius-server key test
line vty 0 15
login authentication default
On the IAS remote policy I created, on the Advanced tab, I have tried to set the service-type to login and to Administrative. Also tried to add the cisco-av-pair for shell:priv-lvl=15 and tried using vedor specific, but no go.
I have looked at these links but still no go:
http://www.forum.persianadmins.com/showthread.php?p=3017
02-25-2009 12:54 PM
I would try to run "debug radius" and see if you can get anything from that.
HTH,
John
02-25-2009 01:02 PM
I have used this tool extensively - Please download the test tool from this site to test the user http://www.evolynx.com/radius/dl_loadtest.aspx.
Mat
02-25-2009 06:49 PM
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: