Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

radius authentication and Checkpoin/Nokia device

hi,

I tried to authenticate and authorized Nokia/checkpoint Nortel/AD3 and Nortel 5510 platform using an 4.1 for windows ACS. the ACCESS-REQUEST is well processed bi the radius server wich send ACCESS-ACCEPT to the AAA Client (ie NORTEL or NOKIA), but i'have got access denied on the Client side.

RADIUS IETF Dictionnary is used for every device.

all others Cisco Devices authenticate and are well authorized.

I didn't found any documentation about this item.

best regards

Alai

  • AAA Identity and NAC
1 REPLY

Re: radius authentication and Checkpoin/Nokia device

Hi Alai,

As you have segregated the issue to till the point that ACS indeed is sending ACCESS-ACCEPT.

Now to troubleshoot this issue. First I would recommend you to only turn on Authentication on Nokia/checkpoint Nortel/AD3 and Nortel 5510 and turn off authorization if configured on these devices. And then check if you are able to log in.

And the exact reason why your access was denied on those devices could only be found by turning some sort of debugs, which will tell you whay those devices denied the request, even though radius server allowed them. It could it was looking for some extra attribute, or it could be timeout issue, i.e. ACCESS-ACCEPT never reached that device etc etc.

But the real reason, if Radius server authenticated the user, could only be found from device debugs.

Regards,

Prem

140
Views
5
Helpful
1
Replies