Logging into a chassis using a username created on the radius server does not work. Radius server as defined below with "Fallback Local Auth" set default (permit-all)
CBS# show radius-server
Host Name or Host IP Authentication Port Timeout (seconds) Key Fallback Local Auth
10.9.1.158 1812 3 crossbeam permit-all
Radius authentication does not work. The output from the following command:
tcpdump -neei eth2 host <ip address of radius server> port radius
The tcpdump specifically shows a reject message from the radius server.
Define the same username on both XOS and the Radius server using different passwords in each case.The Radius and XOS usernames must match for successful authentication. Password check will be done via Radius using its database.
Logging using the admin (XOS) account will work because the default is permit-all for fallback-to-local settings.
Description:Below are the results of the testing of the different account scenarios and the outcome for your reference.
192.1678.32.181 --- XOS chassis 10.9.1.158 --- Radius server CBS# show radius-server Host Name or Host IP Authentication Port Timeout (seconds) Key Fallback Local Auth 10.9.1.158 1812 3 crossbeam permit-all
Imported Document ID: 000019374
Subscribing will provide email updates when this Article is updated. Login is required.