Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

AAA - Authentication Problem

I have upgraded the IOS from 11.3 to 12.1 on AS 5800 and since then the ppp authentication is not happening. I am using Merit Radius 4.2.2E application for authentication. Please suggest what the problem would be.

Note: the IOS 11.3 was working fine in the same setup


Re: AAA - Authentication Problem

I can try and help but need some more information. Which 12.1 revision did you move to and what debugs can you provide? Is there a 12.1 feature you need? Bugfinder shows a number of AAA bugs on some 12.1 releases so that might be the best place to start.

New Member

Re: AAA - Authentication Problem

U first need to understand how AAA works. AAA process (triple A) consists of Authentication, Authorisation & Accounting. First u need to know at which of the above point your connection is dropped. To do this enable following debugging on your NAS (Access Server) : debug AAA authentication , debug AAA authorisation , debug AAA acounting, debug radius, debug PPP negotiation. Then telnet to the NAS & enable the telnet session to capture the NAS log to a file. Then dial into the NAS (make sure u setup NAS as well as the radius server to use PAP authentication.)Then examine the log generated & trace down where exactly the connection is dropped.Locate the error mesasage & search the cisco site for an explaination of the error. Also examine the Access-accept or Access-reject responses from the Radius server ie the attributes in the response messages. Best of luck