01-12-2017 11:04 AM - edited 03-11-2019 12:21 AM
Can someone provide instruction on how to setup RADIUS and local login on a Cisco switch?
I've got RADIUS setup on a test switch and that's working fine however I cannot get it to honor any local creds on the switch itself.
Any help would be great.
username pete privilege 15 password 0 petetest
aaa new-model
aaa group server radius MIRADIUS
server-private 192.168.0.1 auth-port 1845 acct-port 1846 key testkey123
aaa authentication login default group MIRADIUS
aaa authorization exec default group MIRADIUS
aaa session-id common
line con 0
line vty 0 4
length 0
transport input ssh
line vty 5 15
01-12-2017 01:29 PM
You need to configure a fallback-method in your aaa-statements. The order depends on what you want:
1) the local user-DB should be used if the RADIUS-server is not available:
aaa authentication login default group radius local
2) you want that both the local and the RADIUS-accounts can be used:
aaa authentication login default local group radius
04-05-2018 06:23 AM - edited 04-05-2018 06:26 AM
Hello Karsten, do you by any chance know how that second command translates to a NXS platform, specifically Cisco Nexus 9k?
Thank you!
03-16-2022 01:57 PM
This really help me. Thank you so much.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide