Starting to tear my hair out over this one.
Recently wiped and upgraded an EX4200 to 15.1R6.7. Dropped in my standard
Radius config that’s working on all my other devices. Users that are locally
configured on the 4200 can log in normally, but SSH sessions that are Radius
authenticated get the session closed immediately upon supplying the correct
password. Giving the wrong password gets you another password prompt. Google
keeps taking me to pages talking about BRAS/Dialup sorts of issues.
Here’s what’s working on all the other switches and routers, but not on the
newly upgraded switch:
system {
radius-server {
10.a.b.c {
secret "$9$shh_don't_tell_anyone"; ## SECRET-DATA
source-address 10.p.q.r;
}
10.x.y.z {
secret "$9$shh_don't_tell_anyone"; ## SECRET-DATA
source-address 10.p.q.r;
}
}
radius-options {
password-protocol mschap-v2;
The Radius servers are reachable by the source address.
After re-reading the Radius configuration pages, I added this to the config,
with no effect. Behavior is the same.
groups {
global {
system {
login {
user remote {
class super-user;
}
}
}
}
}
Pointers and cluebats appreciated.
—Chris
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
