Mixed login in Cisco Router

Answered Question
Aug 4th, 2009
User Badges:

Hi all:


I have configured Radius on all my network devices, but I need to enable mixed login (Radius and local) for only one of them (creating a local admin user)


Could someone help me?


Thanks!!


W.

Correct Answer by Jagdeep Gambhir about 7 years 9 months ago

Walter,

In that case you need to use local first,


aaa authentication login default group local RadiusServers


Regards,

~JG


Do rate helpful posts




  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Jagdeep Gambhir Tue, 08/04/2009 - 13:01
User Badges:
  • Red, 2250 points or more

Here are the command


Router(config)# username [username] password [password]

radius-server host [ip]

radius-server key [key]

aaa new-model

aaa authentication login default group radius local


Request will first go to radius and if it is down then it will let you in using local credential.


Regards,

~JG


Do rate helpful posts

walter.perera Tue, 08/04/2009 - 13:11
User Badges:

Hi JG


Thanks for your answer.


We have quite similar config:


aaa new-model

!

!

aaa group server radius RadiusServers

server [IP] auth-port [PORT1] acct-port [PORT2]

!

aaa authentication login default group RadiusServers local

aaa authentication enable default group RadiusServers enable

aaa session-id common


and when Radius is down, it works, but we want to create a local user on one of the routers and let them login not using Radius (the rest of the users will continue using Radius)


Hope it is clear.


Thanks


W.

Correct Answer
Jagdeep Gambhir Tue, 08/04/2009 - 13:21
User Badges:
  • Red, 2250 points or more

Walter,

In that case you need to use local first,


aaa authentication login default group local RadiusServers


Regards,

~JG


Do rate helpful posts




walter.perera Wed, 08/05/2009 - 03:48
User Badges:

Hi JG:


Thanks for your post. It works!

Just a small change:


aaa authentication login default local group [RadiusServers]

Actions

This Discussion