Hi Dave
All the same
If I put line ahead of radius,it will not always use radius authentication even though server is up
But use tacacs+ ahead of line,if server fails,line will take over
It's tricky problem
Micky
----- Original Message -----
From: Dave Qi
To: micky
Cc: cisco-nsp@puck.nether.net
Sent: Tuesday, October 02, 2001 12:13 AM
Subject: RE: [nsp] Radius Vs. Cisco authentication ?
micky, try to "debug radius and debug aaa authentication" to see the authentication sequence.
Also, try reverse authentication sequence (line, and then radius), see if works.
-Dave
-----Original Message-----
From: micky [mailto:micky@apol.com.tw]
Sent: Saturday, September 29, 2001 7:50 PM
To: cisco-nsp@puck.nether.net
Subject: [nsp] Radius Vs. Cisco authentication ?
Hi Mr.cisco
I am confused about cisco router radius authentication
My config as below
aaa new-model
aaa authentication login default radius line none
radius-server host x.x.x.x
radius-server key test
It's strange
If my radius server is down,router will not be able to switch to use "line" authentication
????
It'll always prompt "username" and "password" and I can't login because of server's failure
If use tacacs+ authentication,it'll switch to "line" or "none" authentication
Can anybody help me resolve the problem ?
Thanks
Best Regards,
Micky
This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:13:19 EDT