No announcement yet.

aaa authentication

  • Filter
  • Time
  • Show
Clear All
new posts

  • aaa authentication

    Hi, please help. i have configured our cisco devices for aaa authentication and also configured the radius server. When test my domain account it worked but when i use my local account iam receiving "authentication failed". Below is my config in my cisco switch:

    aaa new-model

    radius-server host x.x.x.x auth-port 1645 acct-port 1646
    radius-server key xxxxxxxxxxxx

    aaa authentication login default group radius local
    aaa authorization exec default group radius local
    aaa authorization network default group radius local

    line vty 0 4
    login authentication default

    Thanks in advance.

  • #2
    Re: aaa authentication

    It will always user the radius server first. If the radius server goes down it will use the locallly configured account but if the radius server is up and working it will always use that.
    Also keep in mind if the radius server is up and it cant authenticate you (wrong password etc) it will not failover to the local database.
    CCNA, CCNA-Security, CCNP
    CCIE Security (In Progress)


    • #3
      Re: aaa authentication

      Yup. But i tested using both local and radius username password worked. even though radius server is up local username still worked. But when i configured it on our live environment local username is not working only the radius server.


      • #4
        Re: aaa authentication

        Sori auglan. You're right we cannot use the local login unless the radius server is down. I think you have already answered my problem. Thanks alot.