3Com 10014299 Network Router User Manual


 
Troubleshooting AAA and RADIUS 545
unavailable. Moreover as the radius timer quiet command has not been
configured (defaulted as 5 minutes), or a relative long dead-time has been
configured, the system does not know that the server has recovered. Use
undo
radius server
command to delete the original RADIUS server, and reconfigure it
by
radius server command to activate the server immediately.
5 If none of the above operations work, check whether the RADIUS server has been
configured correctly, and whether the modification has been activated
A user's RADIUS authentication is always rejected
Follow the steps below.
1 Check whether the user name, password and service type are set correctly on
RADIUS server.
2 Check whether the RADIUS server can be pinged through Check whether the
address, port number and key of RADIUS server configured on the router are
identical with those of the RADIUS server in use.
3 Use the radius server command to reconfigure the RADIUS server. Because of
the communication failure with the server, RADIUS server may be considered by
the system as unavailable by the system. And as the
radius timer quiet
command has not been configured (defaulted as 5 minutes), or a relative long
dead-time has been configured, the system does not know that the server has
recovered. Use
undo radius server command to delete the original RADIUS
server, and reconfigure it by
radius server command to activate the server
immediately.
4 Check whether the RADIUS server has been configured correctly, and whether the
modification made just now has been activated.
A connected user cannot be seen in display aaa user
Follow the steps below.:
1 Check whether AAA has been enabled.
2 Check whether the authentication methods contain "none", because users using
none method will not be displayed in the command
display aaa user.
No authentication is configured, yet users are still authenticated
Follow the step below:
1 AAA has been enabled, and the default authentication method in AAA default
authentication method list is “local”. To disable the authentication,
aaa
authentication-scheme ppp default none
should be configured. Meanwhile, it
should be noted that
undo aaa authentication-scheme ppp default can
delete the default method; it can only restore the local authentication.