Authorization failed in cisco switch

Alan DeKok aland at deployingradius.com
Mon Jul 22 16:37:23 CEST 2013


Marco Aresu wrote:
> i am getting some problem with authorization in free radius
> i configured the users file as below :
> 
>         DEFAULT   Auth-Type := System
>         cisco   Auth-Type := System
>         Service-Type = NAS-Prompt-User
>         cisco-avpair = "shell:priv-lvl=15",

  Is it *exactly* that?  i.e. did you format the entries correctly?

> When i try to login into a switch i receive the errore : Authorization
> Failed
> and during the debug i ve got :
> 
> # Executing section post-auth from file /etc/raddb/sites-enabled/default
> +- entering group post-auth {...}
> [++[reply_log] returns ok
> ++[exec] returns noop

  You have rather a lot more than that.

  The whole point of the debug output is to READ IT.

  ALL of it.

  What ELSE does it say?  Does the server return an Access-Accept?  If
so, blame the switch.  Otherwise, READ THE DEBUG OUTPUT to see what's
going on.

  Alan DeKok.


More information about the Freeradius-Users mailing list