Skip to main content
Start a Conversation

Unsolved

This post is more than 5 years old

seefriek

3 Posts

25944

October 10th, 2007 18:00

6224 Radius Authentication broken

I've got a recently added 6224 running 1.0.4.3. I've configured it to use Radius to authenticate administrators against a Microsoft IAS server. I use this identical configuration to authenticate 6024F and 52xx switches in the network. This is the standard config off of the Dell web site. However, when admins log into this switch and successfully authenticate (IAS events show no problems), they are logged in at priv-lvl 1, not priv-lvl 15. No amount of mucking about gives me the answer I need to fix this.

Vesperatus

8 Posts

March 20th, 2009 09:00

I would like to know that too. Ran across this today.

bh1633

909 Posts

March 24th, 2009 09:00

RADIUS works on these switches.  Please post your config and we will get you going.

Vesperatus

8 Posts

March 24th, 2009 10:00

Thank you for your reply.

I finally realized that I removed LOCAL has a method for HTTP authentication method. That was why my account was not properly authenticated.

 

anberry

7 Posts

March 30th, 2009 14:00

Please post your current configuration from the 6224 (and 6024F if different) and a quick steps-to-reproduce and I will try it on my setup and then give feedback.  

fredflint84

2 Posts

September 24th, 2009 12:00

I'm having this same issue with NPS (Windows 2008 Network Policy Server). I am passing "shell:priv-lvl=15" in the AV pair. For HTTP and HTTPS access, this works great. But for SSH and telnet access, I still have to type enable to get to enable mode. There doesn't seem to be any debug tools related to this so it's VERY difficult to troubleshoot. The exact same settings work great for our 5224 and 5136M switches. Let me know what config you need (switch or NPS) and I'll post it.

speedcolo

43 Posts

September 26th, 2009 19:00

It looks like the same thing happens for me with TACACS.  I have:

        service = exec {
                priv-lvl = 15
        }

...which works fine under 53xx and 54xx, but does not enable me automatically under 62xx.

achus

1 Message

October 19th, 2009 13:00

Hello,

I have a PowerConnect 6248 and is able to authenticate it with the windows 2008 NPS (RADIUS Authentication), now I can login to the http console using my domain userid, but it is in read only mode, and cannot do any administrative operations from web console.

I have followed : http://www.dell.com/downloads/global/products/pwcnt/en/3424_radius_auth_using_msserver.pdf and http://youritguy.wordpress.com/2009/10/02/aaa-radius-authentication-with-windows-server-2008/ but nothing helps. Still I am only able to login as read only mode. It is nice to know that you have a working configuration for NPS, I request you to share the configuration with me too.

Thanks in Advance

Achus

View More

View All

No Events found!

Top