Please Help: 3550 lab switch locked by radius server

Unanswered Question
Oct 5th, 2009
User Badges:

Hi All,


Any idea? After clean up all routers and switches config files, sw3 still asks for radius username and password.


When console login and using 3550 password recovery procedure, it still asks for username and password.


When config aaa new-model, no username is asked only the passowrd cisco in typed in. (please see detail config file in the following)


Note: This is for CCIE R&S home lab rack.


==========


// radius server locks sw3


Access-Server#9

[Resuming connection 9 to sw3 ... ]


User Access Verification

Username:

Username: cisco

Password:

% Backup authentication

00:27:36: %RADIUS-4-RADIUS_DEAD: RADIUS server 150.100.1.254:1645,1646 is not responding.

00:27:36: %RADIUS-4-RADIUS_ALIVE: RADIUS server 150.100.1.254:1645,1646 has returned.

Username:

===========






sw3#sh run

Building configuration...


Current configuration : 4655 bytes

!

version 12.2

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname sw3

!

!

aaa new-model

aaa authentication dot1x default group radius

!

aaa session-id common

mls qos

ip subnet-zero

ip routing

no ip domain-lookup

!

!

!

!

!

!

dot1x system-auth-control

dot1x guest-vlan supplicant

no file verify auto

!

!

interface FastEthernet0/11

switchport mode access

dot1x pae authenticator

dot1x port-control auto

dot1x guest-vlan 999

dot1x auth-fail vlan 999

!

interface FastEthernet0/12

switchport mode access

dot1x pae authenticator

dot1x port-control auto

dot1x guest-vlan 999

dot1x auth-fail vlan 999

!

interface FastEthernet0/13

switchport mode access

dot1x pae authenticator

dot1x port-control auto

dot1x guest-vlan 999

dot1x auth-fail vlan 999

!

interface FastEthernet0/14

switchport mode access

dot1x pae authenticator

dot1x port-control auto

dot1x guest-vlan 999

dot1x auth-fail vlan 999

!

interface FastEthernet0/15

switchport mode access

dot1x pae authenticator

dot1x port-control auto

dot1x guest-vlan 999

dot1x auth-fail vlan 999

!

interface FastEthernet0/16

switchport mode access

dot1x pae authenticator

dot1x port-control auto

dot1x guest-vlan 999

dot1x auth-fail vlan 999

!

interface FastEthernet0/17

switchport mode access

dot1x pae authenticator

dot1x port-control auto

dot1x guest-vlan 999

dot1x auth-fail vlan 999

!

interface FastEthernet0/18

switchport mode access

dot1x pae authenticator

dot1x port-control auto

dot1x guest-vlan 999

dot1x auth-fail vlan 999

!

interface FastEthernet0/19

switchport mode dynamic desirable

channel-group 1 mode desirable

!

interface FastEthernet0/20

switchport mode dynamic desirable

channel-group 1 mode desirable

!

interface FastEthernet0/21

switchport mode dynamic desirable

!

interface FastEthernet0/22

switchport mode dynamic desirable

!

interface FastEthernet0/23

switchport mode dynamic desirable

channel-group 2 mode desirable

!

interface FastEthernet0/24

switchport mode dynamic desirable

channel-group 2 mode desirable

!

interface GigabitEthernet0/1

switchport mode dynamic desirable

!

interface GigabitEthernet0/2

switchport mode dynamic desirable

!

interface Vlan1

no ip address

shutdown

!

ip classless

ip http server

ip http secure-server

!

radius-server host 150.100.1.254 auth-port 1645 acct-port 1646

radius-server source-ports 1645-1646

radius-server key cisco

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
dchen0999 Mon, 10/05/2009 - 14:07
User Badges:

try to do password recovery per cisco doc, but config.text file is missing from flash dir:



switch: dir flash:

Directory of flash:/


2 -rwx 5276 syslog

3 -rwx 0 env_vars

4 -rwx 7131928 c3550-ipservicesk9-mz.122-25.SEE.bin

5 drwx 64 crashinfo

24 -rwx 326 system_env_vars

7 drwx 192 c3550-i9q3l2-mz.121-13.EA1a

26 -rwx 24 private-config.text

Actions

This Discussion