Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

AS5300 login problems with AAA

I have gotten my dialup to work, however I am confused on my AAA configuration. I am using the following:

aaa authentication login SECURE group radius local

aaa authentication login NO_AUTHEN none

aaa authentication login LOCAL line

aaa authentication ppp default if-needed group radius local

aaa authentication ppp SECURE if-needed group radius local

aaa authorization network default group radius local

aaa authorization network SECURE group radius local

The SECURE is what is applied to my lines.

Radius passes off to a Cisco Secure ACS database, and hands off to SDI token card server.

The problem is when I dial in and passthrough the authentication to radius it leaves me at the router prompt. At which poing I need to enter PPP and close my dialup terminal to be authenticated to the network. I'd like to avoid that final process and after passing authentication have the terminal initiate the ppp automatically.

I have tried changes like removing the login, it's my understanding that if access to the EXEC prompt isn't neccesary the login option isn't needed. When removed however, all authentication fails.

What advice do you have?

1 REPLY

Re: AS5300 login problems with AAA

Often times complex troubleshooting issues are best addressed in an interactive trouble-shooting session with one of our trained technical assistance engineers. While other forum users may be able to help, it’s often difficult to do so for this type of issue.

To utilize the resources at our Technical Assistance Center, please visit http://www.cisco.com/tac and to open a case with one of our TAC engineers, visit http://www.cisco.com/tac/caseopen

If anyone else in the forum has some advice, please reply to this thread.

Thank you for posting.

101
Views
0
Helpful
1
Replies
CreatePlease login to create content