Solved: Strange message when configuring RADIUS

SamE · ‎08-24-2017

Hi,

I have been setting up a 2960 running 15.2(2)E6 and when I used the default config that was used I came across the message about radius-server becoming depreciated so I thought I would look into it. I am fairly new to Cisco so am relying on other docs to try and get this working. Using this combined with this document I have come up with the config below to set up our 2 RADIUS servers:

radius server radius1
address ipv4 10.x.x.20
key xxxxxx
radius server radius2
address ipv4 10.x.x.21
key xxxxxx
aaa group server radius RAD
server name radius1
server name radius2
aaa authentication login default group RAD local
aaa authorization exec default group RAD local
line vty 0 4
login authentication RAD

This config seems to work fine but when I do the vty lines I get the message: AAA: Warning authentication list "RAD" is not defined for LOGIN.

Should I be worried about this? I can't work out why it is saying that as the aaa authentication login is showing in the config. What could be causing it? What should I be doing differently?

Thanks

agrissimanis · ‎08-24-2017

Under the vty lines you shoud refer to your method list (default in your case), not the server group. So it would need to be:

login authentication default

Regards,

Agris

Please vote if this helps

View solution in original post

agrissimanis · ‎08-24-2017

Under the vty lines you shoud refer to your method list (default in your case), not the server group. So it would need to be:

login authentication default

Regards,

Agris

Please vote if this helps

SamE · ‎08-24-2017

Great, thanks. If it is the default does that mean you don't need to put the line in at all or do you still need to set it but it just doesn't show up when you view the running config?

agrissimanis · ‎08-24-2017

It will immediately apply to all vty lines, if there is no specific method list defined under the vty lines

SamE · ‎08-24-2017

Perfect, thanks