I'm posting this because the thread already detailing the original issue has been locked. I've linked it here: https://community.sophos.com/sophos-xg-firewall/f/discussions/125928/radius-test-failed
In the original post by user Josh Rogalski, he was trying to set up RADIUS and was receiving the error "Device-RADIUS server connectivity test failed" when trying to run the test and no other information was provided by the error. In my case, I was trying to do something similar, but also incorporating Azure MFA into the mix. That isn't necessarily relevant, other than the fact that when I ran the test, the RADIUS server would receive the "Access-Request" RADIUS Message, I would be prompted by Azure MFA, and as soon as I approved the request, the RADIUS server would respond with an "Access-Accept" message (verified by Wireshark) and then the XG would report that the test had failed.
We did our own troubleshooting and then contacted Sophos support with little success. Eventually I started experimenting and discovered the issue lied with the RADIUS Shared Secret. What I found through trial and error is that the maximum length of the RADIUS Shared Secret is 48 characters. We were using the Windows Server 2019 default of 64 characters, and that was the cause of the issue. Once I dropped the Shared Secret length to 48 characters or less, the test completed successfully.
I'm not sure if this would have fixed OP's issue or not, but I wanted to add my experience to the discussion as it took us a very long time to get to this solution.
This thread was automatically locked due to age.
