How to failover to local account on a cisco switch/router if radius server fails?

Posted by 3d1l on Super User See other posts from Super User or by 3d1l
Published on 2010-03-19T15:02:47Z Indexed on 2010/03/19 15:11 UTC
Read the original article Hit count: 273

Filed under:

cisco

|

authentication

I have the following configuration on a switch that I testing for RADIUS authentication:

aaa new-model
aaa authenticaton login default group radius local
aaa authentication enable default group radius enable
aaa authorization exec default group radius local
enable secret 5 XXXXXXXXX
!
username admin secret 5 XXXXXXXXX
!
ip radius source-interface FastEthernet0/1
radius-server host XXX.XXX.XXX.XXX auth-port 1812 acct-port 1813 key XXXXXXXXX
radius-server retransmit 3
!
line con 0
line vty 5 15

Radius authentication is working just fine but if the server is not available I can not log into the router with the ADMIN account.

What's wrong there?

Thanks!

© Super User or respective owner

Related posts about cisco

Cisco Unifed Communication integration for Microsoft Lync crashes on Remote Desktop services 2008 R2!

as seen on Server Fault - Search for 'Server Fault'
Hi everybody i have deployed office communication server 2007 R2 and communicator 2007 R2 and i made integration with Cisco Unified Communication Manager 7.1 in my network, i also uses Remote Desktop Servers 2008 R2 for Thin Client Computers, now that i installed Cisco UC integration client for communicator… >>> More
Cisco Unified Communication integration for Microsoft Lync crashes on Remote Desktop services 2008 R2!

as seen on Server Fault - Search for 'Server Fault'
Hi everybody i have deployed office communication server 2007 R2 and communicator 2007 R2 and i made integration with Cisco Unified Communication Manager 7.1 in my network, i also use Remote Desktop Servers 2008 R2 for Thin Client Computers, now that i installed Cisco UC integration client for communicator… >>> More
Cisco Prime NCS not starting

as seen on Server Fault - Search for 'Server Fault'
I have received the Cisco Prime OVA file and which we placed onto an Oracle virtual environment. We turn the VM on and the CLI boots, When we try to start the NCS service we get errors. HOSTNAME/USER# ncs start Starting Network Control System... Exception in thread "main" java.lang.NullPointerException … >>> More
how to set port forwarding on a cisco 881 router (with cisco configuration professional)

as seen on Super User - Search for 'Super User'
I recently got a cisco 881 router for work and I have everything working except port forwarding I want to forward all incoming port 80 requests to 10.10.10.60 and all incoming port 53322 requests to 10.10.10.40 im using cisco configuration professional and im not sure where to find this option thanks… >>> More
Cisco: Site-to-site VPN with cisco 878 and ASA weirdness

as seen on Server Fault - Search for 'Server Fault'
I currently have 2 sites, both connected to each other through 2 firewalls / routers in a site-to-site VPN. Pinging from server to server (Using 2mb/2mb SDSL) through that VPN obviously works, however, at one site, we have another internet connection (7m/400k ADSL), and only the link between the two… >>> More

Related posts about authentication

Configuring Fed Authentication Methods in OIF / IdP

as seen on Oracle Blogs - Search for 'Oracle Blogs'
In this article, I will provide examples on how to configure OIF/IdP to map OAM Authentication Schemes to Federation Authentication Methods, based on the concepts introduced in my previous entry. I will show examples for the three protocols supported by OIF: SAML 2.0 SSO SAML… >>> More
windows authentication vs sql server authentication for asp.net forms authentication site

as seen on Stack Overflow - Search for 'Stack Overflow'
I have a database and a site having forms authentication. It is working fine with VS2008. This time, I am using "Trusted_connection =True". But when it is opened from outside or directly from browser then I am getting error "Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'." I know this is due… >>> More
Disable authentication on subfolder(s) of an ASP.NET app using windows authentication

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, Is it possible to disable windows authentication on one or more subfolders of an ASP.net application using windows authentication? >>> More
AutoCompleteExtender - authentication failure (forms authentication)

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm using the AutoCompleteExtender from the AJAX control toolkit on my aspx page - I have it wired up to a WCF service that is returning a string array and everything works happily. If I change my service definition to include a demand for the caller to be authenticated, like so: <OperationContract()… >>> More
Ruby on Rails , functionalities having twitter authentication and email authentication (autlogic and

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi Experts, I would like to ask your guidance on how to authenticate using email add/ the basic log-in while having also a twitter log-in, twitter authentication works fine but if having an alternative log-in like using basic sign-up and email log-in part wont work.... any ideas please...? >>> More