Login attempts by RADIUS users always fail

Attempts by a RADIUS user to log in to the network access device always fail, even though the following conditions exist:

• The network access device and the RADIUS server can communicate with one another.

• All AAA settings are correct.

RBAC requires that a login user have a minimum of one user role. If the RADIUS server does not authorize the login user to use any user role, the user cannot log in to the device.

To resolve the issue:

1. Use one of the following methods:

   • Configure the role default-role enable command. A RADIUS user can log in with the default user role when no user role is assigned by the RADIUS server.

   • Add the user role authorization attributes on the RADIUS server.

2. If the issue persists, contact Hewlett Packard Enterprise Support.