Radius config not working

Unanswered Question
Oct 16th, 2009

We're standing up a new network and I'm not having any luck getting Radius to work on my switches. It seems like the switch isn't even attempting to contact the Radius server, because when I attempt to ssh into the switch, then do a "show radius statistics", I don't see the counters incrementing at all. For example, there are counters for packets with and without responses, and both of them have been sitting at 0 ever since I installed the switch, even though I've tried several times to log in with my Radius credentials (my Windows AD login). The Radius config on my switch is as follows:


The following is the config I'm using on the switch:


aaa new-model

aaa authentication login RadiusGroup group radius local

aaa authorization exec RadiusGroup group radius local

!

username backup privilege 15 password xxx

!

ip domain-name xxxx.xxx.xxx

!

interface Vlan100

ip address x.x.x.x x.x.x.x

!

ip radius source-interface Vlan100

radius-server host x.x.x.x auth-port 1645 acct-port 1646 key xxxxx

radius-server retransmit 3

!

line vty 0 4

exec-timeout 15 0

authorization exec RadiusGroup

logging synchronous

transport input ssh

!


Any help is appreciated, thanks.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Collin Clark Fri, 10/16/2009 - 12:29

You have authorization under your VTY's, but no authentication.


Try adding-


login authentication RadiusGroup


Actions

This Discussion