Results 1 to 6 of 6

Thread: Can't login to router

  1. #1
    Join Date
    May 2008
    Posts
    90

    Can't login to router

    Hi all,Blakeexz here

    I'm trying using Radius as AAA server for login to router. The commands aaa new-model, aaa authentication, radius-server host command setup okey. Initially, the commands "aaa authentication login default group radius" works, and I can login to router. Secondly, I add a new the command "aaa authorization command 1 default group radius" also works, and I also can login to router. Finally, after I CHANGE the command TO "aaa authorization exec default group radius", I got "This line may not run ppp" when I try to login, then exit. (I'm connecting to router through ethernet interface.)

    Why I can't login to router any more?

    pls help

  2. #2
    Join Date
    May 2008
    Posts
    71

    Re: Can't login to router

    The authorization command causes a request packet containing a series of AV
    pairs to be sent to the RADIUS or TACACS daemon as part of the authorization process. The daemon can do one of the following:

    a.. Accept the request as is.
    b.. Make changes to the request.
    c.. Refuse the request and refuse authorization.

    For a list of supported RADIUS attributes, refer to the appendix "RADIUS
    Attributes" in the Cisco IOS Security Configuration Guide. For a list of supported TACACS+ AV pairs, refer to the appendix "TACACS+ Attribute-Value Pairs" in the Cisco IOS Security Configuration Guide.

  3. #3
    Join Date
    May 2008
    Posts
    90

    Re: Can't login to router

    What's the difference between keywords "EXEC" and "COMMAND" in aaa authorization command?

    pls help

  4. #4
    Join Date
    May 2008
    Posts
    71

    Re: Can't login to router

    This is the difference between two commands

    Exec
    Runs authorization to determine if the user is allowed to run an
    EXEC shell. This facility might return user profile information such as
    autocommand information.

    Commands
    Runs authorization for all commands at the specified privilege
    level.

  5. #5
    Join Date
    Oct 2008
    Posts
    75

    Re: Can't login to router

    A user on our network was having the same problem. To correct it, I had to remove the switchport trunk access commands that were associated with the appropriate port on the switch and add the proper switchport mode access commands. Once I made the change to this port, the user was able to telnet with no problem.

  6. #6
    Join Date
    May 2008
    Posts
    90

    Re: Can't login to router

    Thanks Oswald and enzo for solving my problem. good work guys just keep it up.

Similar Threads

  1. Router Password has been reset and thus cannot login
    By Sach-Het in forum Networking & Security
    Replies: 6
    Last Post: 04-06-2011, 11:54 PM
  2. Replies: 6
    Last Post: 09-02-2011, 12:39 AM
  3. Router ip address login
    By TechyShelby in forum Networking & Security
    Replies: 1
    Last Post: 24-06-2010, 06:48 AM
  4. Replies: 4
    Last Post: 20-01-2010, 09:53 PM
  5. restore ghost image, boots up to login screen but login loop
    By chrisnpg in forum Hardware Peripherals
    Replies: 2
    Last Post: 29-01-2008, 06:57 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Page generated in 1,711,623,760.77886 seconds with 17 queries