Login attempts by RADIUS users always fail
Symptom
Attempts by a RADIUS user to log in to the network access device always fail, even though the following conditions exist:
The network access device and the RADIUS server can communicate with one another.
All AAA settings are correct.
Analysis
RBAC requires that a login user have a minimum of one user role. If the RADIUS server does not authorize the login user to use any user role, the user cannot log in to the device.
Solution
To resolve the issue:
Use one of the following methods:
Configure the role default-role enable command. A RADIUS user can log in with the default user role when no user role is assigned by the RADIUS server.
Add the user role authorization attributes on the RADIUS server.
If the issue persists, contact Hewlett Packard Enterprise Support.