Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
13478
Views
15
Helpful
3
Replies

Cisco login RADIUS and Local

Pete Bauer
Level 1
Level 1

‎01-12-2017 11:04 AM - edited ‎03-11-2019 12:21 AM

Can someone provide instruction on how to setup RADIUS and local login on a Cisco switch?

I've got RADIUS setup on a test switch and that's working fine however I cannot get it to honor any local creds on the switch itself.

Any help would be great.

username pete privilege 15 password 0 petetest


aaa new-model

aaa group server radius MIRADIUS
server-private 192.168.0.1 auth-port 1845 acct-port 1846 key testkey123

aaa authentication login default group MIRADIUS
aaa authorization exec default group MIRADIUS

aaa session-id common


line con 0
line vty 0 4
length 0
transport input ssh
line vty 5 15

Labels:
0 Helpful
3 Replies 3

Karsten Iwen
VIP
VIP

‎01-12-2017 01:29 PM

You need to configure a fallback-method in your aaa-statements. The order depends on what you want:

1) the local user-DB should be used if the RADIUS-server is not available:

aaa authentication login default group radius local

2) you want that both the local and the RADIUS-accounts can be used:

aaa authentication login default local group radius

dsantana
Level 1
Level 1
In response to Karsten Iwen

‎04-05-2018 06:23 AM - edited ‎04-05-2018 06:26 AM

Hello Karsten, do you by any chance know how that second command translates to a NXS platform, specifically Cisco Nexus 9k?

 

Thank you!

0 Helpful

michael.c.dorsch
Level 1
Level 1
In response to Karsten Iwen

‎03-16-2022 01:57 PM

This really help me. Thank you so much. 

0 Helpful
Customers Also Viewed These Support Documents