Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

SG300, telnet and RADIUS authentication.

Hi guys,

Hopefully I'm just being dumb and there is a simple answer to this.  I have an SG300 authenticating telnet login to a RADIUS server.  It allows me to log in at Priv level 1.  when I try and enter Priv 15 mode, I'm prompted for a password which I don't appear to be able to set anywhere or know.

If I remove RADIUS and go back to Local authentication, telnet logs me in at Priv15 immediately.  Anyone got any ideas?

Cheers

IW

Everyone's tags (4)
3 REPLIES

Re: SG300, telnet and RADIUS authentication.

Hi Iain,

You can create  a enable password into the switch via the following command in blue.

switch38cbaf#

switch38cbaf#

switch38cbaf#conf

switch38cbaf(config)#enable password level 15 xxxxxxxx  where xxxxxxxx is the password

switch38cbaf(config)#exit

switch38cbaf#wr


switch38cbaf#exit


C:\Users\testing>  telnet 192.168.10.13   (my SG300-10P)

User Name:dialin               (radius authentication passed)

Password:*********

switch38cbaf>enable

Password:xxxxxxxx


13-Nov-2011 03:43:54 %AAA-I-CONNECT: User CLI session for user unKnown over telnet , source 192.168.10.19 destination  192.168.10.13 ACCEPTED

switch38cbaf#   enable password allowed me to get full control

I have opened a case with the Small Business Support Center (SBSC) as i did notice a couple of issues.

  • There is no option within the GUI to create a enable password,  had to be done via CLI.
  • I have a issue with authentication first  trying local and then radius.

see if this helps

regards Dave

New Member

Re: SG300, telnet and RADIUS authentication.

Hi Dave,

I tried that yesterday and again just now (to make sure I wasn't being stupid) and it still seems to reject the password I've typed in.

When connected to CLI as a local Priv15 user:

"SG300-10(config)#enable password level 15 password"

Then flick authentication over to RADIUS.

User Name: xxxxxx  

Password:*********

SG300-10>show priv

Current privilege level is 1

SG300-10>en

Password:********

Password:*********

Password:********

authentication failed

SG300-10>

For reference:

SW version    1.1.2.0 ( date  12-Nov-2011 time  23:34:26 )

Thanks for your efforts so far.  Any further help greatly accepted.

Cheers

Iain.

New Member

Re: SG300, telnet and RADIUS authentication.

OK, fixed it

From CLI as a Priv15 user,

conf t

line telnet

no enable authentication

Thanks for your help in getting this going.

Iain.

2882
Views
0
Helpful
3
Replies
CreatePlease to create content