Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
11083
Views
0
Helpful
22
Replies

RADIUS Fallback Local account not working

Go to solution
kamrannaseem
Level 1
Level 1

‎07-03-2013 04:25 AM - edited ‎03-10-2019 08:36 PM

Hi all,

I have a RADIUS server running on windows 2003. I am using cisco 2960 switch, everything is working fine but i need to test the local user account on the switch so that i dont lock myself out if the radius server is not available.

which command shall i enter to enable that ?

any help will be much appricated.

many thanks,

Kamran.

Labels:
0 Helpful
22 Replies 22

Go to solution
dheeraj.gautam
Level 1
Level 1
In response to dheeraj.gautam

‎07-24-2019 08:40 AM - edited ‎07-24-2019 08:41 AM

Actually local account is working only if radius server is not responding. by disable NPS manually i am able to login with local account.
i cannot login both account at a same time or by keeping NPS server active.

0 Helpful

Go to solution
Rob Ingram
VIP
VIP
In response to dheeraj.gautam

‎07-24-2019 09:37 AM

Hi @dheeraj.gautam 

 

Local authentication is fallback only if radius or tacacs is unavailable. You cannot login using a local user account if the radius/tacacs server is still active.

 

HTH

0 Helpful

Go to solution
Jatin Katyal
Cisco Employee
Cisco Employee
In response to kamrannaseem

‎07-03-2013 06:03 AM

If you want to do SSH using local username/password

then add the same command what  Najaf suggested in the above post.

line vty 0 15

login authentication CONSOLE

transport input ssh

exit

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin
0 Helpful

Go to solution
kamrannaseem
Level 1
Level 1
In response to Jatin Katyal

‎07-03-2013 06:28 AM

Hi jatin,

After using these commands i can not login to my switch through RADIUS. how do i remove them?

many thanks.

0 Helpful

Go to solution
Jatin Katyal
Cisco Employee
Cisco Employee
In response to kamrannaseem

‎07-03-2013 06:44 AM 

If you want to do SSH using local username/password
then add the same command what  Najaf suggested in the above post.
line vty 0 15
login authentication CONSOLE
transport input ssh
exit

The above config will not help you access the device with radius credentials. I did mention that if you want to SSH using local database so use local credentials from the device itself.

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin
0 Helpful

Go to solution
kamrannaseem
Level 1
Level 1
In response to Jatin Katyal

‎07-03-2013 08:33 AM

Hi jatin,

thanks for your time

kind regards,

Kamran.

0 Helpful

Go to solution
kcnajaf
Level 7
Level 7
In response to kamrannaseem

‎07-03-2013 04:04 PM

Hi,

Thanks for using the rating system and glad to know that it is working as expected. I have been with playing with Cisco for about 10 years now:-)

Regards
Najaf

Sent from Cisco Technical Support iPhone App

0 Helpful

Go to solution
Jatin Katyal
Cisco Employee
Cisco Employee
In response to kamrannaseem

‎07-03-2013 06:06 AM

If the IOS is not configured for SSH, here is a link that can help you to enable SSH.

http://www.cisco.com/en/US/tech/tk583/tk617/technologies_tech_note09186a00800949e2.shtml#testwithssh

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin
0 Helpful
Customers Also Viewed These Support Documents