Configuring Radius authentication - available "fall back to local auth" options

Article Id: 167842

Status: Published

Updated On: 13-05-2017 10:52

Legacy Id: TECH243853

Products:

XOS

Issue/Introduction:

This article describes Radius authentication configuration "fall back to local auth" options in XOS 9.5.3 and later.

Cause:

n/a

Resolution:

XOS 9.5.3 and newer adds a new Radius configuration parameter " fallback-to-local auth". The following is a description of the command and the parameters.

CBS# configure radius-server host <IP_address>  key <word>  fallback-to-local
 Fallback to local auth [permit-all, permit-root, disable] Default is permit-all

1. permit-all (default)

All users can authenticate using either the local password or the Radius password.

2. permit-root

Only admin and root accounts can authenticate using the local password.

3. disable

When the Radius server is up, all users have to authenticate to the Radius server. The local password will not work unless the radius server is not available.

Workaround

N/A