User Problem with Cisco Nexus 4.x

Phil Mayers p.mayers at
Wed Jul 13 19:34:08 CEST 2011

On 07/13/2011 05:40 PM, Jan.Gnepper at wrote:

> Access Reject (3), id: 0x17, Authenticator: 436530c99d29615e3a35aa878275a97d
> Is it possible that this causes my problem?

No, this is just due to checksum offload. Ignore it.

> Jan
> Huntgroups:
> ================================
> nexus NAS-IP-Address ==
> nexus NAS-IP-Address ==
> Users:
> ================================
> Line 67 ff:

Are you absolutely sure that:

  1. This file really says exactly this, and
  2. FreeRADIUS is reading this file - have you check you aren't editing 
the wrong file? Have you restarted FreeRADIUS after editing it?

The requests look identical.

However, your "users" file is obviously complex; you must have a lot of 
"LDAP-Group" comparisons earlier in it.

I suggest emptying the file and starting simple, with just two entries - 
the "test" user and the default reject.

> test Auth-Type := Pap, Huntgroup-Name == "nexus", MD5-Password :=

Don't set Auth-Type to PAP. Let the "pap" module handle this.

More information about the Freeradius-Users mailing list