Problems with configuration Cisco -> freeradius

Wagner Pereira wpereira at pop-sp.rnp.br
Wed Jan 13 18:57:34 CET 2010 

Hi, Michael.

Welcome to this list. It's my pleasure try to help you, because many 
guys here helped me A LOT in the beggining.

Well, below is what I have in my Cisco 6506. And it is running perfectly!

aaa new-model
aaa group server radius admin
!
aaa authentication login default group radius local
aaa authentication enable default line enable
aaa authorization exec default none
aaa accounting exec default start-stop group radius
!
aaa session-id common
!
radius-server host 10.0.0.2 auth-port 1812 acct-port 1813
radius-server source-ports 1645-1646
radius-server key 7 XXXXXXXXXXXXXXXXXX
!

I hope it can help you.

-- 

Wagner Pereira

PoP-SP/RNP - Ponto de Presença da RNP em São Paulo
CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo
http://www.pop-sp.rnp.br
Tel. (11) 3091-8901



michi-bazi escreveu:
> Hello everybody,
>
> my first post here, hope you are able to help me.
> Honestly said I am a little bit confused.
> Here is my problem: I tried to setup the freeradius for cisco
> authentication.
> Sadly it didn't work. My reference how to configure was this:
> http://evilrouters.net/2008/11/19/configuring-freeradius-to-support-cisco-aaa-clients/comment-page-1/
> To my bad it didn't work.
> Here is what I have typed into the config files:
>
> users:
>
> cisco
>         Auth-Type:      = System
>         Service-Type    = NAS-Prompt-User,
> #       cisco-avpair    =”shell:priv-lvl=15”
>
> radiusd.conf:
>
>
> user = root
> group = root
>
> clients.conf:
>
> client 192.168.101.0/26 {
> 	secret		=Test_1
>         shortname	        = site_a
> 	nastype		= cisco
> }
>
> The switch is configured:
>
> aaa new-model
> !         
> !
> aaa authentication login default group radius local
> aaa authentication login localauth local
> aaa authentication ppp default if-needed group radius local
>
> aaa authorization exec default group radius local 
> aaa authorization network default group radius local 
> aaa accounting delay-start vrf default
> aaa accounting exec default start-stop group radius
> aaa accounting network default start-stop group radius
>
> aaa accounting system default start-stop group radius
> !
> ip radius source-interface Vlan1 vrf default
> radius-server host 192.168.128.246 auth-port 1812 acct-port 1813 key Test_1
> !
> control-plane
>
> Ping is running through.
>
> When I type show ip aaa to the switch I get this:
> sh aaa servers
>
> RADIUS: id 2, priority 1, host 192.168.128.246, auth-port 1812, acct-port
> 1813
>      State: current UP, duration 49s, previous duration 0s
>      Dead: total time 0s, count 13
>
>      Quarantined: No
>      Authen: request 76, timeouts 76
>              Response: unexpected 0, server error 0, incorrect 0, time 0ms
>              Transaction: success 0, failure 19
>      Author: request 0, timeouts 0
>
>              Response: unexpected 0, server error 0, incorrect 0, time 0ms
>              Transaction: success 0, failure 0
>      Account: request 60, timeouts 60
>              Response: unexpected 0, server error 0, incorrect 0, time 0ms
>
>              Transaction: success 0, failure 15
>      Elapsed time since counters last cleared: 6d23h35m
> site_mgt_manchester#
>
>
> Would be great if you could help me, don't know what's wrong.
>
> Best regards
>
>
> Michael
>

More information about the Freeradius-Users mailing list