Cisco Switch Example Configuration:

aaa authentication login default local group radius
aaa authentication enable default enable group radius
aaa authorization exec default local group radius
radius-server host 10.9.2.4 auth-port 1812 acct-port 1646 key cisco

line vty 0 4
 authorization exec default
 login authentication default

TekRadius Configuration:

Logs:

RadAuth req. from : 10.9.200.11:1645 – 14/08/2013 10:58:00 AM
Size              : 97 / 97
Identifier        : 111
Attributes        :

NAS-Port-Id = tty1
NAS-Port-Type = 5
Reply-Message = Password:
Calling-Station-Id = 10.4.2.4
NAS-IP-Address = 10.4.2.11
NAS-Port = 1
User-Name = yanjohn

14/08/2013 10:58:00 AM – Active Directory Authentication commencing for user ‘yanjohn’

14/08/2013 10:58:00 AM – Debug message (Check_AD_Group) : An operations error occurred.


14/08/2013 10:58:00 AM – Active Directory group does not match.

14/08/2013 10:58:00 AM – Active Directory group does not match, sending Failure-Reply (Reject).

14/08/2013 10:58:00 AM – Fetching Failure-Reply items – Start.

14/08/2013 10:58:00 AM – Fetching Failure-Reply items – Stop.

14/08/2013 10:58:00 AM – Generating Reply Packet – Start.

14/08/2013 10:58:00 AM – Generating Reply Packet – Stop.

By Jon
