SSH User Authentication using Radius 7250IXR-R6 & 7210MXP

Post Reply
Posts: 1
Joined: 17 Jul 2018 23:24

SSH User Authentication using Radius 7250IXR-R6 & 7210MXP

Post by fahadcsrock » 17 Jul 2018 23:45

Hi Guys

I am new to AAA server/configuration. For lab testing i am configuring SSH user to be authenticated via AAA server (RADIUS). On Nokia router (Alcatel routers) i have configured following:

config system security
authentication-order radius local
server 1 address secret testkey

Where AAA server IP is reachable from the Router.

On Radius Server, i have configured the RADIUS client with Router's System IP and secret matched between both. User account "TGTest" has been created on users file. User file contents:


TGTest Password = "Test123"
Auth-Type = System,
Service-Type = Login-User,
Idle-Timeout = 600,
Timetra-Access = console,
Timetra-Home-Directory = cf3:,
Timetra-Restrict-To-Home = true
Timetra-Default-Action = permit-all,
Timetra-Cmd = "tools;telnet;configure system security",
Timetra-Action = deny

On Radius server i can see that user auth request hits the server, but it didnt authenticate.
For testing i am using Nokia AAA (10.2), where Auth VSA is already installed/defined.

The error i am getting is that "5648 11:43:40.930 TGTest login failed due to Password check failure"

I am sure its not due to Authorization, as even without Authorization knob, same issue persist.

Do someone has any working (any radius) user file for such basic testing. or any guidelines, where i am mistaken.


Post Reply

Return to “7210 SAS”