Unable to authenticate to radius with username more than 20 characters

Question

Hi folks,&nbsp;
&nbsp;I'm implementing an iRule for radius authentication as below&nbsp;
&nbsp;when CLIENT_ACCEPTED {
&nbsp;set authinsck 0
&nbsp;set forceauth 1
&nbsp;set ckname BIGXAUTH
&nbsp;set ckpass 1xxx5678
&nbsp;set ckvalue [IP::client_addr]
&nbsp;set ckdomain .foo.com
&nbsp;set asid [AUTH::start pam default_radius]
&nbsp;}&nbsp;
&nbsp;This became problem when certain users with username trying to authenticate using username more than 20 characters. We did not see log information in the cisco ACS server. This behaves differently when users trying to authenticate with username less than 20, it’ll be logged in the ACS server even with failed password. I’ve check with tcpdump but nothing can be seeing during the authentication progress.&nbsp;
&nbsp;Is that related with set ckname 1xxx5678 ?&nbsp;
&nbsp;Thanks,
&nbsp;Aan

colin_walker_12 · Answer

You're saying that when you manually set the ckname to be more than 20 characters you're unable to login and not seeing any data being logged?&nbsp;
&nbsp;Are you sure this is a problem on the BIG-IP? Could it be a limitation of the radius system?&nbsp;
&nbsp;Colin

Forum Discussion

Unable to authenticate to radius with username more than 20 characters

Recent Discussions

AS3 Limitations

Unable to install firmware OS and drop at 10%

Statistics ›› Analytics : HTTP : Overview

How to Renew F5 Device Certificate

F5 ASM CEF Sending Logs in Specific TimeZone

Related Content

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

iControl REST Authentication Token Management

Doing mTLS Authentication per URL

Two-Factor Authentication With Google Authenticator And APM

Application Programming Interface (API) Authentication types simplified

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS