JamesCrk
Aug 14, 2024

RADIUS Auth

Hi, I have followed the guide on remote user auth but I have an issue: the users with the administrator role can log in just fine, but none of the others can (guest and auditor).

 

In the F5 external users group I have this:

Attr string: F5-LTM-User-Info-1=mgmt
Assigned Role: %F5-LTM-User-Role
Partition access: %F5-LTM-User-Partition
terminal access: %F5-LTM-User-Shell 

 

In RADIUS we have this for admins:

match user group "F5-Admin"

0,all,enable,tmsh,mgmt

and this for guests:

match user group "F5-Guest"
700,all,enable,disable,mgmt

 

When a guest logs in, it just says failed login attempt. I tried creating a second external users group called guests and looked for "Attr string: F5-LTM-User-Role=Guest", which also did not work, and I have now removed it.

 

Any ideas on where I am going wrong? I ran RADIUS debugging but it did not show anything useful.

 

 

  • Does your RADIUS debugging show that the user is authenticating to the RADIUS server?

    • JamesCrk

      Yes, it does seem so. This is the log:

       pam_radius_auth: pam_radius_auth: user <username> not authenticated

  • I think the RADIUS side is wrong. Does this look correct? Admin is exactly the same but with 0 instead of 700.