The 2811 will communicate with the Radius server to establish a connection using a shared key and then will send the authentication request to the Radius server which will include the user password. I am not clear from your post whether it is the first communication to establish the connection or the user authentication request which is sending the "cisco" password. Can you clarify?
Also how are you determining what password the 2811 is sending?
It might be helpful if you would post the config of the 2811.
it is the password in the authentication request that I am referring to. We can see it on the freeradius server and although it is set to something different in the clients the 2811 transfers "cisco". The clients are non cisco devices so it is very likely that they are not the source of this string.
Here's the RADIUS part of my config:
aaa group server radius AAA-CLIENT-VPN2-GROUP
server 10.10.10.1 auth-port 1812 acct-port 1813
aaa authentication login default local
aaa authentication ppp AAA-CLIENT-VPN2-GROUP group radius local
aaa authorization network default group AAA-CLIENT-VPN2-GROUP local
aaa accounting update periodic 2
aaa accounting network default start-stop group AAA-CLIENT-VPN2-GROUP
aaa pod server auth-type any server-key
aaa session-id common
ip address 10.10.10.254 255.255.255.0
ip address x.x.x.114 255.255.255.248
ip unnumbered FastEthernet0/0
peer default ip address dhcp-pool DHCP-POOL-CLIENT-VPN2
I tested it now with the syntax you proposed and it was successful. Thanks for your idea. I previously thought that not entering the list would default to any configured RADIUS server (which partly is the case). But for the password sending apparently there is a different mechanism with or without the right group name.
I am glad that my suggestion was able to resolve your issue. I believe that the issue has less to do with whether you supply the group name or not and was the fact that you had created a named method list. So ppp authentication had no default method configured, had a named method configured, but had nothing to tell ppp to use the named method.
Thank you for using the rating system to indicate that your issue was resolved (and thanks for the rating). It makes the forum more useful when people can read about an issue and can read what was successful in resolving the issue.
I encourage you to continue your participation in the forum.
We have 3 identical switches configured by someone else and would like to claim some of the Gigabit ports(G1/G2/G3/G4) for use on servers. When we try to change the wiring and configuration, we run in to connectivity issues. Attached is a des...
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...