[cisco-nas] 12.3(11)T2 authorization failed,
Constructed " ppp negotiate"...trying to get an exec
Josh Duffek
consultantjd16 at ridemetro.org
Thu Dec 30 11:33:15 EST 2004
Was getting author failed after trying to login:
160467: Dec 30 10:26:15.795 cst: RADIUS: Received from id 1645/35
x.x.x.x:1645, Access-Accept, len 64
160468: Dec 30 10:26:15.795 cst: RADIUS: authenticator C7 90 70 AE 52
30 32 23 - 60 B7 4D 00 C0 92 84 78
160469: Dec 30 10:26:15.795 cst: RADIUS: Framed-Protocol [7] 6
PPP [1]
160470: Dec 30 10:26:15.795 cst: RADIUS: Service-Type [6] 6
Framed [2]
160471: Dec 30 10:26:15.795 cst: RADIUS: Class [25] 32
160472: Dec 30 10:26:15.795 cst: RADIUS: 5D 6D 06 25 00 00 01 37 00 01
92 92 FE D2 01 C4 []m?????7????????]
160473: Dec 30 10:26:15.795 cst: RADIUS: ED 32 08 2F 63 0C 00 00 00 00
00 00 01 6C [?2?/c????????l]
160474: Dec 30 10:26:15.795 cst: RADIUS(00000B44): Received from id
1645/35
160475: Dec 30 10:26:15.795 cst: RADIUS: Constructed " ppp negotiate"
160476: Dec 30 10:26:15.799 cst: AAA/AUTHOR (0xB44): Pick method list
'default' - FAIL
160477: Dec 30 10:26:15.799 cst: AAA/AUTHOR/EXEC(00000B44):
Authorization FAILED
IOS and Relevent config:
INTRO#sh ver | i IOS
Cisco IOS Software, 7200 Software (C7200-JK9O3S-M), Version 12.3(11)T2,
RELEASE SOFTWARE (fc1)
aaa new-model
aaa authentication login default group radius local
aaa authentication login pptp group radius local
aaa authentication login network group radius
aaa authorization exec default local
aaa authorization network default local
aaa authorization network network group radius
aaa session-id common
...so I made it "aaa author exec default none" and it works ok now...but
why does it have a mention of ppp negotiate when I am coming in for an
exec?
Should I have any other debugs on?
Thanks,
josh duffek network engineer
consultantjd16 at ridemetro.org
More information about the cisco-nas
mailing list