Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Radius configuration

I have configured radius on my 4006 router module and for whatever reason it is not authenticating. Now I am unable to gain access to the module. Any suggestions of how to regain access to the module? I am currently unable to access to be able to make any changes.

Hall of Fame Super Silver

Re: Radius configuration


It is a situation that many of us have gone through. There are several alternatives about how to deal with it and which ones would work will depend on aspects of your local situation. If the 4006 is local and you have access to the console of the 4006 there are a couple of things that you might be able to do. If you configured any backup authentication method (line passwords, or local ID with passwords) you may be able to disconnect the port/interface on the 4006 that provides connectivity to radius and then establish a local connection which should use the backup method since you have prevented communication with the radius server. Once in privilege mode you can re-establish communication with the radius server and can make changes to correct the situation. Or another alternative if you have configured a backup method of authentication is to have the radius administrator remove the definition in radius for this device. This will result in the 4006 attempting to authenticate with radius, not getting a response, and using backup authentication. Or you may be able to do password recovery. Then when you are already in privilege mode you can copy the startup config into running config, and you will be able to make config changes to correct the situation.

If you are not local to the 4006 it may be more effective to try to determine why radius is not authenticating. If you are lucky it will be something that can be changed on the radius server (examples of the kind of problem would include mistake in configuring which IP address is the source of the radius packet, or error in the key that is shared between the radius server and the 4006, or perhaps an error in configuring the user access to be granted)