Cisco MDS-9124 Troubleshooting Guide - Page 414
Troubleshooting RADIUS Routing Configuration
View all Cisco MDS-9124 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 414 highlights
iSCSI Issues Chapter 20 Troubleshooting IP Storage Services Send documentation comments to [email protected] 655 2003y3m14d 15h12m54s CHAP password AëC0__`õ 656 2003y3m14d 15h12m54s CHAP challenge 4_´ZH 657 2003y3m14d 15h12m54s NAS port=1426 658 2003y3m14d 15h12m54s NAS port type=5 659 2003y3m14d 15h12m54s Service type=8 660 2003y3m14d 15h12m54s User (user002) authenticate OK. 661 2003y3m14d 15h12m54s 662 2003y3m14d 15h12m54s Message Type=Access_Request 663 2003y3m14d 15h12m54s ID=179, Length=90 664 2003y3m14d 15h12m54s User name=user002 665 2003y3m14d 15h12m54s NAS IP address=2887147911 666 2003y3m14d 15h12m54s CHAP password=--5Àùrfàxh 667 2003y3m14d 15h12m54s CHAP challenge Ux 668 2003y3m14d 15h12m54s NAS port=1426 669 2003y3m14d 15h12m54s NAS port type=5 670 2003y3m14d 15h12m54s Service type=8 671 2003y3m14d 15h12m54s User (user002) authenticate OK. Troubleshooting RADIUS Routing Configuration The switch sends the RADIUS authentication request from the mgmt0 interface, so the correct route to the RADIUS server must be defined. If no correct route is defined, the switch may send the RADIUS request from the Gigabit Ethernet port. In that case, the RADIUS server returns the accept to the Gigabit Ethernet port and the switch does not get the response. Displaying the Debug Output for RADIUS Authentication Request Routing Using the CLI The following example shows the output from the debug security radius command. switch# Mar 5 00:51:13 securityd: received CHAP authentication request for user002 Mar 5 00:51:13 securityd: RADIUS is enabled, hence it will be tried first for CHAP authentication Mar 5 00:51:13 securityd: reading RADIUS configuration Mar 5 00:51:13 securityd: opening radius configuration for group:default Mar 5 00:51:13 securityd: opened the configuration successfully Mar 5 00:51:13 securityd: GET request for RADIUS global config Mar 5 00:51:13 securityd: got back the return value of global radius configuration operation:success Mar 5 00:51:13 securityd: closing RADIUS pss configuration Mar 5 00:51:13 securityd: opening radius configuration for group:default Mar 5 00:51:13 securityd: opened the configuration successfully Mar 5 00:51:13 securityd: GETNEXT request for radius index:0 addr: Mar 5 00:51:18 securityd: sending data to 171.71.49.197 Mar 5 00:51:18 securityd: waiting for response from 171.71.49.197 Mar 5 00:51:23 securityd: sending data to 171.71.49.197 Mar 5 00:51:23 securityd: waiting for response from 171.71.49.197 Mar 5 00:51:28 securityd: sending data to 171.71.49.197 Mar 5 00:51:28 securityd: waiting for response from 171.71.49.197 Mar 5 00:51:33 securityd: trying out next server Mar 5 00:51:33 securityd: no response from RADIUS server for authentication user002 Mar 5 00:51:33 securityd: doing local chap authentication for user002 Mar 5 00:51:33 securityd: local chap authentication result for user002:user not present 20-40 Cisco MDS 9000 Family Troubleshooting Guide, Release 3.x OL-9285-05