Tuesday, October 19, 2010

Test RADIUS authentication on Cisco

There is a handy test command for when you've configured RADIUS/TACACS and are wondering whether authentication is working as expected. I've tested it on a 3750 and a 2800 with the IOS versions shown below. According to Cisco it should work from 12.2(28)SB.

SW#sh ver
Cisco IOS Software, C3750 Software (C3750-IPBASEK9-M), Version 12.2(46)SE, RELEASE SOFTWARE (fc2)
SW#test aaa group radius server 1.2.3.4 auth-port 1645 user correctpass new-code
User successfully authenticated

SW#test aaa group radius server 1.2.3.4 auth-port 1645 user wrongpass new-code
User rejected

And on my 2800 router:
(C2800NM-ENTBASEK9-M), Version 12.4(13d), RELEASE SOFTWARE (fc2)

R1#test aaa group radius user correctpass new-code
Trying to authenticate with Servergroup radius
User successfully authenticated

R1#test aaa group radius user wrongpass new-code
Trying to authenticate with Servergroup radius

 

Note that on the 2800, if the authentication is not successful you don't get any output for it. Could be a bug solved in later versions, or might be working as designed ;-)
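If you capture these test runs in a script, the silent 2800 case needs its own verdict rather than being read as a reject. The following is an added example, not part of the original post: it parses a constructed transcript modelled on the sessions above and masks the password before anything is stored. The function names and the password position (the argument right before new-code or legacy) are assumptions of this example.

```python
import re

# Constructed transcript, modelled on the 3750 and 2800 sessions shown above.
SAMPLE = """\
SW#test aaa group radius server 1.2.3.4 auth-port 1645 user correctpass new-code
User successfully authenticated

SW#test aaa group radius server 1.2.3.4 auth-port 1645 user wrongpass new-code
User rejected

R1#test aaa group radius user correctpass new-code
Trying to authenticate with Servergroup radius
User successfully authenticated

R1#test aaa group radius user wrongpass new-code
Trying to authenticate with Servergroup radius
"""

PROMPT = re.compile(r"^(?P<host>[\w.-]+)#(?P<cmd>test aaa group .+)$")
# Assumption: the password is the argument right before new-code/legacy.
PASSWORD = re.compile(r"\S+(?=\s+(?:new-code|legacy)\b)")


def classify(output_lines):
    """Turn the lines printed after one test command into a verdict."""
    if "User successfully authenticated" in output_lines:
        return "accept"
    if "User rejected" in output_lines:
        return "reject"
    # No verdict line: the 2800 behaviour noted in the post. Do not count
    # it as an explicit reject; check the RADIUS server log instead.
    return "no-verdict"


def parse_transcript(transcript):
    """Return (host, command with password masked, verdict) per test."""
    runs = []
    for raw in transcript.splitlines():
        line = raw.strip()
        match = PROMPT.match(line)
        if match:
            cmd = PASSWORD.sub("<redacted>", match["cmd"])
            runs.append([match["host"], cmd, []])
        elif runs and line:
            runs[-1][2].append(line)
    return [(host, cmd, classify(out)) for host, cmd, out in runs]


if __name__ == "__main__":
    for host, cmd, verdict in parse_transcript(SAMPLE):
        print(f"{host:3} {verdict:10} {cmd}")
```
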
