I had a bug with IOS 12.3.1 not using the radius secret correctly, reportedly fixed in 12.3(1a)
Upgrade to the latest FreeRadius and check debug output carefully for messages that suggest that the router has the wrong secret.
Check the router console for radius errors. try debug radius (lots of ouput potential).
Joe
Zugang Hou wrote:
I am running freeradius ver 0.4 and 0.81 on SUN Salaris 8. I have encounter the following problem:
1. On CISCO Router (1750) with ISO 12.1.x. I have no problem for users to telnet into the router via RADIUS authentication and authorization. 2. Since I upgraded CISCO IOS to 12.4.x. The users can not telnet in.
ON Radius server, the RADIUSD -X debug messages show everything normal (I compared 2 different version of IOS router's login message.)
ON CISCO router. the debug message is: 1w5d: AAA/AUTHEN/LOGIN (00000033): Pick method list 'default' 1w5d: AAA/AUTHOR/EXEC(00000033): processing AV message= 1w5d: AAA/AUTHOR/EXEC(00000033): Authorization FAILED
I tried freeradius 0.4 and 0.81. No difference.
Anyone knows why? Please kindly let me know if you have the answer.
Thanks,
Zugang Hou [EMAIL PROTECTED]
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
