RE: [RadiusNT] radius authentication problem after upgrade to 12.

Nicolaj Ottsen ( no@webpartner.dk )
Mon, 24 Jul 2000 19:26:57 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Previous message: Nezar Ahmed: "[RadiusNT] RadCheckOnline"
Next message: Christian Schmit: "[RadiusNT] Re: radius authentication problem after upgrade to 12.1(3)"

I made the same upgrade this sunday, without problems.

I run 12.1.3 on an AS5300 up against RadiusNT 3.174

There are some changes to the aaa syntax after 12.0(3), mabe that could be
an explanation.

I have included my aaa model.

aaa new-model
aaa authentication login SECURE group radius enable
aaa authentication login CONSOLE none
aaa authentication login VTY line
aaa authentication ppp default group radius
aaa authorization exec exec-shell local
aaa authorization network default group radius
aaa accounting exec default start-stop group radius
aaa accounting network default start-stop group radius

Venlig hilsen / Best regards

Nicolaj Ottsen
no@webpartner.dk
Telefon: 70262300 Fax: 70262301
Direkte: 35254771 Mobil: 20662091

WebPartner

***************************************************

> -----Original Message-----
> From: Christian Schmit [mailto:cschmit@vo.lu]
> Sent: 24. juli 2000 18:18
> To: radiusnt@iea-software.com
> Subject: [RadiusNT] radius authentication problem after upgrade to
> 12.1(3)
>
>
>
> I just upgraded one AS5300 from 12.04XJ(4) IP plus
> to 12.1(3) IP Plus. After this upgrade dial-in users
> could no longer authenticate to login via radius.
>
> I checked my radiusnt debug files and saw
> that the radius server was receiving the
> login request from the AS5300 and also
> acknowledged the login request. However the AS
> did not authenticate the user.
>
> I then configured my radius server to let in
> every user regardless of which password or username
> is entered and this way it works. As you can
> imagine this is only a temporary solution.
>
> The same radius server worked fine with 12.04XJ(4)
> and is still working fine with a group of PM3's.
> No changes were made to the radius server.
> I use radiusnt 2.5(212) with SQL 7 server.
>
> My radius config on the NAS:
> -----------------------------
>
> aaa new-model
> aaa authentication login SECURE group radius enable
> aaa authentication login CONSOLE local
> aaa authentication login AUX group radius enable
> aaa authentication login VTY line
> aaa authentication ppp default if-needed group radius local
> aaa authorization exec default group radius if-authenticated
> aaa authorization network default group radius if-authenticated
> aaa accounting exec default start-stop group radius
> aaa accounting network default start-stop group radius
> .
> .
> .
> radius-server host a.b.c.d auth-port 1645 acct-port 1646
>
>
> thanks,
> Christian
>
>
> For more information about this list (including removal) go to:
> http://www.iea-software.com/support/maillists/liststart
>

For more information about this list (including removal) go to:
http://www.iea-software.com/support/maillists/liststart

Previous message: Nezar Ahmed: "[RadiusNT] RadCheckOnline"
Next message: Christian Schmit: "[RadiusNT] Re: radius authentication problem after upgrade to 12.1(3)"