
SSH issue on 6850

Posted: 19 Dec 2012 03:29
by ggk76
Hi,

I am in the process of enabling SSH on my remote sites (around 60 sites).

My current firmware is 6.4.2.880 R01 SR Jan 14, 2010.

I had mixed results from enabling SSH on my remote sites: some were able to SSH after I input the commands; however, some just displayed a blinking cursor.

When I do a "Show log swlog" on the failed switch, it showed authentication success (via RADIUS).

These are the commands I input:

aa radius-server "RADIUS-SVR" host X.X.X.X key XXXXXXX retransmit 3 timeout 5 auth-port 1645 acct-port 1646
ssh enable
aaa authentication ssh "RADIUS-SVR" "local"
no aaa authentication telnet
no ip service telnet
qos disable
qos user-port shutdown bpdu
policy network group Telnet_88 X.X.X.X
policy port group UserPorts 1/1-23
policy condition Condition_88 source network group Telnet_88 destination tcp port 22
policy condition Condition_88_Disallow source ip Any destination tcp port 22
policy action Allow_Traffic
policy action Deny_Traffic disposition deny
policy rule Rule_Allow precedence 100 condition Condition_88 action Allow_Traffic
policy rule Rule_88_Disallow precedence 50 condition Condition_88_Disallow action Deny_Traffic
qos apply

aaa authentication default "local"
aaa authentication console "local"
no aaa authentication telnet
aaa authentication snmp "local"
aaa authentication ssh "RADIUS-SVR" "local"

Hope someone can help, I'd appreciate it.

Thank you,

Re: SSH issue on 6850

Posted: 20 Dec 2012 02:40
by devnull
Never had that.
Do you still have the problems when disabling the QoS policies?
-> qos disable
Does it get better with a more current AOS?

Re: SSH issue on 6850

Posted: 21 Dec 2012 02:07
by ggk76
I did that (disable qos) but can't

A more current AOS had this command "ip managed-interface "vlan1" application radius" and it works.

However, I can't possibly upgrade ALL my 60 sites; it will take too long.

Re: SSH issue on 6850

Posted: 21 Dec 2012 09:17
by devnull
Is it RADIUS related?
E.g. if you issue a
"aaa authentication ssh local"
does the problem persist?

Because the
"ip managed-interface "vlan1" application radius"
just says that for RADIUS the IP of VLAN 1 should be used as the source.