Radius Administrator Authentication

Hi,

i'm trying to configure the admin authentication to use our radius-backend server. Unfortunately it doesn't work.

I first configured the server:

Than change the method to use radius:

But the login doesn't work. 

the radius-server by itselfs accepts the credentials.

Can you give me an hint?

Thanks & Regards,

Benedikt Wehr

  • Benedikt,

    you did not enabled the Accounting as suggested from this KB:

    https://community.sophos.com/kb/en-us/123164

    Can you enable it and see if it works?

    Thanks

  • In reply to lferrara:

    Hi,

    thank you for your idea. Just tried that. Unfortunately it didn't work. Besides the ports, i use ports 1645/1646, it is just configured like the kb.

    I use SFOS 16.05.2 MR-2.

    Thanks!!

  • In reply to BenediktWehr:

    Benedikt,

    can you check access_server.log from /var/tslog and see if you find something interesting?

    Thanks

  • In reply to lferrara:

    Hi Luk,

    sorry - not very interesting:

    ERROR     Mar 21 07:38:15 [4144580416]: handle_pam_authorization: VPN/SSLVPN/MYACC Authorization Failed, result_code=1

    Thanks

  • In reply to BenediktWehr:

    Hey, 

     

    Did you ever get this resolved?

    I'm facing the exact same problem with the exact same log errors in CLI and GUI which you have.

    TAC told me it's solved in 16.05 MR5 (there is also a statement in the release notes that webadmin radius auth is fixed) but it doesnt work unless i create a local user and authenticate with my AD credentials (which is different from the local user password, only the username is the same).