Authenticating users on cisco 3750 switch

Jean-Francois Fortin jean-francois.fortin at oz.com
Tue Sep 19 15:22:40 CEST 2006


We did what is mentioned in the doc but still doesn't work.  It is like
if the answer from the radius doesn't reach back the switch.  But the
switch and the Radius server are on the same network.


>From radius server:

...
modcall: group authorize returns ok for request 3
auth: type Local
auth: user supplied User-Password matches local User-Password
Sending Access-Accept of id 148 to 10.9.19.5:21645
        Service-Type = NAS-Prompt-User
Finished request 3
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 10.9.19.5:21645, id=148,
length=62
Sending duplicate reply to client tmiciscosw.tmi-ppe.oz.com:21645 - ID:
148
Re-sending Access-Accept of id 148 to 10.9.19.5:21645

On the Switch:

013717: Sep 19 13:19:24: %RADIUS-4-RADIUS_DEAD: RADIUS server
10.9.19.16:1812,1.
013718: Sep 19 13:19:24: %RADIUS-4-RADIUS_ALIVE: RADIUS server
10.9.19.16:1812,.
% Username:  timeout expired!
% Authentication failed.




-----Original Message-----
From:
freeradius-users-bounces+jean-francois.fortin=oz.com at lists.freeradius.or
g
[mailto:freeradius-users-bounces+jean-francois.fortin=oz.com at lists.freer
adius.org] On Behalf Of Peter Nixon
Sent: Tuesday, September 19, 2006 4:29 AM
To: FreeRadius users mailing list
Subject: Re: Authenticating users on cisco 3750 switch

On Mon 18 Sep 2006 23:38, Jean-Francois Fortin wrote:
> Hi,
>
>             We are trying to use freeradius as authentication system
to
> allow users to connect to our cisco switch (3750) for management.  The
> radius server is running ok, we can authenticate Cisco ASA, BigIP LB
> against it.  But when trying with the 3750, we see that the radius
> server accept the user and return an answer to the switch, but it
> doesn't work.  Anyone has sample config using freeradius with cisco
> switch?

http://wiki.freeradius.org/index.php/Cisco

-- 

Peter Nixon
http://www.peternixon.net/
PGP Key: http://www.peternixon.net/public.asc




More information about the Freeradius-Users mailing list