Cisco Bug: CSCvt54792 - C1111 not generating AAA/Radius packets for dot1x auth unless password encryption is disabled
Sep 01, 2020
- Cisco IOS
Known Affected Releases
Issue is customer visible, customer found. Symptom: When using type 6 passwords (passwords encrypted with AES) under the RADIUS server group, IOS XE Router (issue has been seen on C1111 but it's not limited to only this platform) stops generating RADIUS packets used for 802.1X authentication. Conditions: Router configured to encrypt the password: password encryption aes key config-key password-encrypt radius server ISE2 address ipv4 x.x.x.x auth-port 1645 acct-port 1646 key 6 <encryped_password> * This issue only exhibits when a dot1x authentication needs to be performed. ** "Test aaa" will work fine.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases