If he is doing local authorization no reports will show up in ACS for a failure.
Regards, Tyson Scott - CCIE #13513 R&S, Security, and SP Managing Partner / Sr. Instructor - IPexpert, Inc. Mailto: <mailto:[email protected]> [email protected] Telephone: +1.810.326.1444, ext. 208 Live Assistance, Please visit: <http://www.ipexpert.com/chat> www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at <http://www.ipexpert.com/communities> www.ipexpert.com/communities and our public website at <http://www.ipexpert.com/> www.ipexpert.com From: Kingsley Charles [mailto:[email protected]] Sent: Saturday, September 25, 2010 3:07 AM To: Tyson Scott Cc: yusef sheriff; [email protected] Subject: Re: [OSL | CCIE_Security] Radius Configuration with ACS 4.1 - Vol1 Task 5.5 Go to Report and Activity and check for the fail attempts log. You can see the reason for failure. Have you configured the user or group for NAR? With regards Kings On Sat, Sep 25, 2010 at 4:04 AM, Tyson Scott <[email protected]> wrote: If you are doing local authorization do you have the same user with same password information configured locally? Regards, Tyson Scott - CCIE #13513 R&S, Security, and SP Managing Partner / Sr. Instructor - IPexpert, Inc. Mailto: [email protected] Telephone: +1.810.326.1444, ext. 208 Live Assistance, Please visit: www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at www.ipexpert.com/communities and our public website at www.ipexpert.com <http://www.ipexpert.com/> From: yusef sheriff [mailto:[email protected]] Sent: Friday, September 24, 2010 2:02 PM To: Tyson Scott Subject: Re: [OSL | CCIE_Security] Radius Configuration with ACS 4.1 - Vol1 Task 5.5 It's Local. below is aaa config:- aaa new-model ! ! aaa authentication login default none aaa authentication login VTY group radius local aaa authorization exec default none aaa authorization exec VTY local aaa accounting exec VTY start-stop group radius Regards, Yusef On Fri, Sep 24, 2010 at 9:40 PM, Tyson Scott <[email protected]> wrote: What do you have configured for aaa exec authorization Regards, Tyson Scott - CCIE #13513 R&S, Security, and SP Managing Partner / Sr. Instructor - IPexpert, Inc. Mailto: [email protected] Telephone: +1.810.326.1444, ext. 208 Live Assistance, Please visit: www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at www.ipexpert.com/communities and our public website at www.ipexpert.com <http://www.ipexpert.com/> From: [email protected] [mailto:[email protected]] On Behalf Of yusef sheriff Sent: Friday, September 24, 2010 1:13 PM To: [email protected] Subject: [OSL | CCIE_Security] Radius Configuration with ACS 4.1 - Vol1 Task 5.5 Dear All, I am doing Vol1 - Task 5.5 struck up in configuring External database configuration. In my ACS server v4.1 not finding windows authentication configuration under external database -> windows user database configuration page. However, aaa test is successfully authenticated with radius server but if I do the telnet from R5 getting error authorization failed :- R8#test aaa group radius Ripuser1 p...@ssw0rd legacy Attempting authentication test to server-group radius using radius User was successfully authenticated. R8# ---------------------------------------------------------------------------- ---------- R5#telnet 5.8.8.8 Trying 5.8.8.8 ... Open User Access Verification Username: Ripuser1 Password: % Authorization failed. Kindly help me.. Thanks Regards, Yusef _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
