Router User Manual
1 AAA troubleshooting
Nortel Secure Router 8000 Series
Troubleshooting - VAS
1-6 Nortel Networks Inc. Issue 01.01 (30 March 2009)
Configure the shared key on the RADIUS server template. The shared key should be the same
as that on the server side.
RADIUS supports a specified source address. You can configure the IP address of the
specified loopback interface as the source address of RADIUS packets. You can then send the
packets to a RADIUS server.
After configuring a RADIUS server template, associate the template name with a domain in
the corresponding domain view.
HWTACACS server template
The HWTACACS server template is different from the RADIUS server template as follows:
z
It contains an authorization server and a backup authorization server.
z
It supports packets with the source address configured directly instead of the address of
the loopback interface.
After configuring an HWTACACS template, associate the template name with a domain in
the corresponding domain view.
1.2 Troubleshooting local user authentication
This section covers the following topics:
z
Typical networking
z
Configuration notes
z
Troubleshooting flowchart
z
Troubleshooting procedure
1.2.1 Typical networking
Figure 1-3 shows a typical networking diagram for local authentication.
Figure 1-3 Networking diagram of local authentication
Client
PPP Serial 4/0/0
9.1.1.1
Host
PPP Serial 1/1/0
9.1.1.2