I have a small problem with getting a Cisco AS5300 to Auth using free fradius. The same config file on the Cisco works fine with Merit Basic radius.
The user dials up, enters the login and password and it just hangs there. As shown below Welcome to simon.test login:allard Password: % Backup authentication Welcome to simon.test login: % Welcome to simon.test login: timeout expired! % Error in authentication. Welcome to simon.test login: % Welcome to simon.test login: timeout expired! % Error in authentication. NO CARRIER The radius server is defently reciveing the packet and sending an Accept packet back. It just seems like the As5300 is ignoreing the packet. Free radius debug below. (IP's and Password have been changed) rlm_ldap: - authenticate rlm_ldap: login attempt by "allard" with password "PASSWORD" rlm_ldap: user DN: loginName=allard, ou=auth, dc=ihug, dc=co, dc=nz rlm_ldap: (re)connect to localhost:389, authentication 1 rlm_ldap: bind as loginName=allard, ou=auth, dc=ihug, dc=co, dc=nz/PASSWORD rlm_ldap: waiting for bind result ... rlm_ldap: user allard authenticated succesfully modcall[authenticate]: module "ldap-local" returns ok modcall: group authtype returns ok radius_xlat: '' radius_xlat: 'Welcome to the Internet Group' radius_xlat: 'Welcome to the Internet Group' radius_xlat: '' Login OK: [allard] (from client ihugcisco-test port 5) Sending Access-Accept of id 6 to 192.168.0.1:1645 Framed-Protocol = PPP Service-Type = Framed-User Reply-Message = "" Reply-Message = "Welcome to the Internet Group" Reply-Message = "Welcome to the Internet Group" Reply-Message = "" Idle-Timeout = 1800 Finished request 11 There is no errors in the radius.log file. Relavent parts of the cisco config are below. The below config file works fine with Merit Radius. aaa new-model aaa session-mib disconnect aaa authentication username-prompt "Welcome to simon.test login:" aaa authentication login default group radius aaa authentication login CONSOLE none aaa authentication login ADMIN group tacacs+ enable aaa authentication login console none aaa authentication ppp default if-needed group radius aaa authorization exec ADMIN group tacacs+ if-authenticated aaa authorization exec console none aaa authorization network default group radius if-authenticated aaa accounting delay-start aaa accounting exec ADMIN wait-start group tacacs+ aaa accounting commands 1 ADMIN stop-only group tacacs+ aaa accounting commands 15 ADMIN stop-only group tacacs+ aaa accounting network default start-stop group radius aaa accounting connection default start-stop group radius radius-server host 192.168.0.2 auth-port 1645 acct-port 1646 radius-server retransmit 3 radius-server timeout 20 radius-server key PASSWORD radius-server vsa send accounting radius-server vsa send authentication Cisco Debug Jun 28 16:59:47.117 NZST: AAA/AUTHEN (3656183572): status = ERROR Jun 28 16:59:47.117 NZST: AAA/AUTHEN/START (2834581603): port='tty5' list='' action=LOGIN service=LOGIN Jun 28 16:59:47.117 NZST: AAA/AUTHEN/START (2834581603): Restart Jun 28 16:59:47.117 NZST: AAA/AUTHEN/START (2834581603): no methods left to try Jun 28 16:59:47.117 NZST: AAA/AUTHEN (2834581603): status = ERROR Jun 28 16:59:47.117 NZST: AAA/AUTHEN/START (2834581603): failed to authenticate Jun 28 16:59:49.117 NZST: AAA/MEMORY: free_user (0x6223F5F4) user='allard' ruser='' port='tty5' rem_addr='async/3038080' authen_type=ASCII service=LOGIN priv=1 Jun 28 16:59:49.117 NZST: AAA: parse name=tty5 idb type=10 tty=5 Jun 28 16:59:49.117 NZST: AAA: name=tty5 flags=0x11 type=4 shelf=0 slot=0 adapter=0 port=5 channel=0 Jun 28 16:59:49.117 NZST: AAA: parse name=E1 0:22 idb type=-1 tty=-1 Jun 28 16:59:49.117 NZST: AAA: name=E1 0:22 flags=0x51 type=9 shelf=0 slot=0 adapter=0 port=0 channel=22 Jun 28 16:59:49.117 NZST: AAA/MEMORY: create_user (0x621E72CC) user='' ruser='' port='tty5' rem_addr='async/3038080' authen_type=ASCII service=LOGIN priv=1 Jun 28 16:59:49.117 NZST: AAA/AUTHEN/START (427012612): port='tty5' list='' action=LOGIN service=LOGIN Jun 28 16:59:49.117 NZST: AAA/AUTHEN/START (427012612): using "default" list Jun 28 16:59:49.117 NZST: AAA/AUTHEN/START (427012612): Method=radius (radius) Jun 28 16:59:49.117 NZST: AAA/AUTHEN (427012612): status = GETUSER Jun 28 17:00:20.049 NZST: AAA/AUTHEN/ABORT: (427012612) because Login timed out. Can anyone see anything obvious? Regards Simon Allard Simon Allard (Senior Tool Monkey) IHUG Ph (09) 358-5067 Email: [EMAIL PROTECTED] I'm out of my mind right now, but feel free to leave a message..... - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html