Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Authorisation failed % error

Hello,

I have just added radius to my 2955 and when I log in I get this error:

Authorisation failed % error

This is what I have added.

aaa new-model

radius-server host 10.10.1.33 auth-port 1645 acct-port 1646 key secret

radius-server host 10.10.1.34 auth-port 1645 acct-port 1646 key secret

radius-server vsa send accounting
radius-server vsa send authentication

aaa authentication login default group radius local
aaa authentication enable default line
aaa authorization console
aaa authorization exec default group radius local

What does that error mean?  Is it an issue with the romete radius server or my config?

2 REPLIES

Authorisation failed % error

Andy,

Try removing the authorization lines from the aaa config and see if that helps. If so, you'll need to pass the attribute back from your radius server for the authorization piece. Something like shell:priv-lvl=15.

Take a look at this post as it may help:

https://supportforums.cisco.com/thread/344219

John

HTH, John *** Please rate all useful posts ***
New Member

Authorisation failed % error

Sorry for the delay, I'm still getting the error.

Cisco say that the Windows Radius server needs to send authorisation back to the switch, although the chap didn't know what I should add to the Radius server.  Would you know?

The user lokos to get authenticated and then is seems the switch expects to see authorisation sent from the Radius server.

Thanks

172
Views
0
Helpful
2
Replies