Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

urgent: can't logon to switch after conf microsoft Radius for logon

Answered Question
Jul 17th, 2006
User Badges:

Hi forum,

i can't logon to my switch after configuring logon with microsoft Radius, my configuration is as follow:

username nwadmin privilege 15 password 7

username yeopaul privilege 15 password 7

aaa new-model

aaa authentication login default group XXXRADIUS local enable

aaa group server radius XXXRADIUS

server X.X.X.X

radius-server host X.X.X.X auth-port 1645 acct-port 1646 timeout 60 retransmit 3 key XXXXX


on the microsoft radius server, i can see from the security event that the authentication is successful. However, the system event show the logon fail, reason : the user attempt to use an authentication method that is not enabled on the matching remote access policy.

how do I recover the switch's access?(it is my core switch running HSRP with another)

what could be the cause of this problem?

Appreciate your help.

Thanks and Best regards,


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
paulnigel Mon, 07/24/2006 - 16:11
User Badges:

Thanks much Wong,

it resolved my issue. Cisco is actually using pap so i alter the policy to use pap, then it goes through.

somehow i don't understand why even after i shutdown the Radius server, the switches still do not refer to the local user database for authentication, but when i did the same thing on my ASA, it does work.

Thanks and regards,



This Discussion