Forum Discussion
RADIUS Auth
Hi, I have followed the guide on remote user auth but I have an issue, the users with administrator role can login just fine, but none of the others can (guest and auditor)
In the F5 external users group I have this:
Attr string: F5-LTM-User-Info-1=mgmt
Assigned Role: %F5-LTM-User-Role
Partition access: %F5-LTM-User-Partition
terminal access: %F5-LTM-User-Shell
In RADIUS we have this for admins
match user group "F5-Admin"
0,all,enable,tmsh,mgmt
and this for guests:
match user group "F5-Guest"
700,all,enable,disable,mgmt
When a guest logs in it just says failed login attempt. I tried creating a second external users group called guests and looked for "Attr string: F5-LTM-User-Role=Guest" which also did not work and have now removed.
Any ideas on where I am going wrong? I ran radius debugging but it did not show anything useful.
Does your radius debugging show that the user is authenticating to the RADIUS server?
- JamesCrkCirrus
yes it does seem so, this is the log:
pam_radius_auth: pam_radius_auth: user <username> not authenticated
- JamesCrkCirrus
I think radius side is wrong, does this look correct? Admin is exactly the same but with 0 instead of 700.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com