Hi all,
I'm experiencing authentication problems with this configuration on HPE5510 R1309:
radius scheme system
 primary authentication 10.40.0.208
 key authentication cipher $c$3$miP5XfL7OV3vTSlz8OsyWF+O0jl2QvIj4FemMw==
 user-name-format without-domain
 nas-ip 10.99.80.6
#
domain system
 authentication login radius-scheme system local
 authorization login radius-scheme system local
The RADIUS server is FreeRADIUS 3.0.16.
I've enabled "debug radius all"; the output is below:
<TWR-F> *Oct 31 14:23:56:738 2018 TWR-F RADIUS/7/EVENT:
Got request data successfully, primitive: authentication.
*Oct 31 14:23:56:738 2018 TWR-F RADIUS/7/EVENT:
Getting RADIUS server info.
*Oct 31 14:23:56:738 2018 TWR-F RADIUS/7/EVENT:
Got RADIUS server info successfully.
*Oct 31 14:23:56:739 2018 TWR-F RADIUS/7/EVENT:
Created request context successfully.
*Oct 31 14:23:56:739 2018 TWR-F RADIUS/7/EVENT:
Created request packet successfully, dstIP: 10.40.0.208, dstPort: 1812, VPN instance: --(public), socketFd: 34, pktID: 56.
*Oct 31 14:23:56:739 2018 TWR-F RADIUS/7/EVENT:
Added packet socketfd to epoll successfully, socketFd: 34.
*Oct 31 14:23:56:739 2018 TWR-F RADIUS/7/EVENT:
Mapped PAM item to RADIUS attribute successfully.
*Oct 31 14:23:56:739 2018 TWR-F RADIUS/7/EVENT:
Got RADIUS username format successfully, format: 2.
*Oct 31 14:23:56:739 2018 TWR-F RADIUS/7/EVENT:
Added attribute user-name successfully, user-name: test.
*Oct 31 14:23:56:739 2018 TWR-F RADIUS/7/EVENT:
Filled RADIUS attributes in packet successfully.
*Oct 31 14:23:56:739 2018 TWR-F RADIUS/7/EVENT:
Composed request packet successfully.
*Oct 31 14:23:56:739 2018 TWR-F RADIUS/7/EVENT:
Created response timeout timer successfully.
*Oct 31 14:23:56:739 2018 TWR-F RADIUS/7/PACKET:
User-Name="test"
NAS-Identifier="TWR-F"
Framed-IP-Address=10.40.10.83
NAS-Port-Type=Virtual
Acct-Session-Id="00000001201810311423560000000108100627"
User-Password=******
Service-Type=Login-User
NAS-IP-Address=10.99.80.6
H3c-Product-Id="HPE 5510 48G 4SFP+ HI 1-slot Switch JH146A"
H3c-Nas-Startup-Timestamp=1540985598
*Oct 31 14:23:56:740 2018 TWR-F RADIUS/7/EVENT:
Sent request packet successfully.
*Oct 31 14:23:56:740 2018 TWR-F RADIUS/7/EVENT:
Sent request packet and create request context successfully.
*Oct 31 14:23:56:740 2018 TWR-F RADIUS/7/EVENT:
Added request context to global table successfully.
*Oct 31 14:23:56:740 2018 TWR-F RADIUS/7/EVENT:
Processing AAA request data.
*Oct 31 14:23:56:741 2018 TWR-F RADIUS/7/EVENT:
PAM_RADIUS: Sent authentication request successfully.
*Oct 31 14:23:56:759 2018 TWR-F RADIUS/7/EVENT:
Reply SocketFd recieved EPOLLIN event.
*Oct 31 14:23:56:759 2018 TWR-F RADIUS/7/EVENT:
Received reply packet succuessfully.
*Oct 31 14:23:56:760 2018 TWR-F RADIUS/7/EVENT:
Found request context, dstIP: 10.40.0.208, dstPort: 1812, VPN instance: --(public), socketFd: 34, pktID: 56.
*Oct 31 14:23:56:760 2018 TWR-F RADIUS/7/EVENT:
The reply packet is valid.
*Oct 31 14:23:56:760 2018 TWR-F RADIUS/7/EVENT:
Decoded reply packet successfully.
*Oct 31 14:23:56:760 2018 TWR-F RADIUS/7/PACKET:
02 38 00 14 06 87 b7 fe 69 24 46 2d 01 bb f6 db
a4 15 d3 d8
*Oct 31 14:23:56:760 2018 TWR-F RADIUS/7/EVENT:
Sent reply message successfully.
*Oct 31 14:23:56:760 2018 TWR-F RADIUS/7/EVENT:
PAM_RADIUS: Fetched authentication reply-data successfully, resultCode: 0
*Oct 31 14:23:56:760 2018 TWR-F RADIUS/7/EVENT:
PAM_RADIUS: Received authentication reply message, resultCode: 0
*Oct 31 14:23:56:762 2018 TWR-F RADIUS/7/EVENT:
PAM_RADIUS: Processing RADIUS authorization.
*Oct 31 14:23:56:762 2018 TWR-F RADIUS/7/EVENT:
PAM_RADIUS: RADIUS Authorization successfully.
%Oct 31 14:23:56:763 2018 TWR-F SSHS/6/SSHS_LOG: Accepted password for test from 10.40.10.83 port 53869.
%Oct 31 14:23:57:786 2018 TWR-F SSHS/6/SSHS_CONNECT: SSH user test (IP: 10.40.10.83) connected to the server successfully.
%Oct 31 14:23:58:136 2018 TWR-F LOGIN/5/LOGIN_FAILED: test failed to log in from 10.40.10.83.
%Oct 31 14:24:01:148 2018 TWR-F SSHS/6/SSHS_LOG: User test logged out from 10.40.10.83 port 53869.
%Oct 31 14:24:01:148 2018 TWR-F SSHS/6/SSHS_DISCONNECT: SSH user test (IP: 10.40.10.83) disconnected from the server.
The authentication and authorization phases seem to be successful, but in the end I only get LOGIN/5/LOGIN_FAILED and SSHS/6/SSHS_DISCONNECT.
Has anyone experienced something like this?
Thanks in advance
#Radius#aaa#ssh
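
The reply dump in the debug output above can be decoded to see exactly what the server returned. This is an added example, not part of the original post: a small Python parser for the RADIUS header and attribute list (RFC 2865 layout), run on the 20-byte reply from the log and on a constructed Access-Accept for comparison. The function name, the attribute-name table and the constructed packet are assumptions made for illustration.

```python
import struct

CODES = {1: "Access-Request", 2: "Access-Accept", 3: "Access-Reject", 11: "Access-Challenge"}
# Small subset of RFC 2865 attribute types, enough for this example.
ATTRS = {1: "User-Name", 4: "NAS-IP-Address", 6: "Service-Type",
         18: "Reply-Message", 26: "Vendor-Specific"}

def parse_radius(hexdump):
    """Parse a RADIUS packet given as a whitespace-separated hex dump."""
    data = bytes.fromhex("".join(hexdump.split()))
    if len(data) < 20:
        raise ValueError("shorter than the 20-byte RADIUS header")
    code, ident, length = struct.unpack("!BBH", data[:4])
    if length < 20 or length > len(data):
        raise ValueError("length field does not match the captured bytes")
    attrs, pos = [], 20  # attributes start after the 16-byte authenticator
    while pos < length:
        if pos + 2 > length:
            raise ValueError("truncated attribute header")
        atype, alen = data[pos], data[pos + 1]
        if alen < 2 or pos + alen > length:
            raise ValueError("attribute length runs past the packet")
        attrs.append((ATTRS.get(atype, "Attr-%d" % atype), data[pos + 2:pos + alen]))
        pos += alen
    return {"code": CODES.get(code, "Code-%d" % code), "id": ident,
            "length": length, "authenticator": data[4:20], "attributes": attrs}

# Reply packet exactly as printed in the switch debug log above.
REPLY_FROM_LOG = "02 38 00 14 06 87 b7 fe 69 24 46 2d 01 bb f6 db a4 15 d3 d8"

# Constructed sample (not from the post): an Access-Accept with the same ID
# carrying Service-Type=1 (Login) and Reply-Message="ok"; authenticator zeroed.
CONSTRUCTED_ACCEPT = ("02 38 00 1e " + "00 " * 16 +
                      "06 06 00 00 00 01 " + "12 04 6f 6b")

if __name__ == "__main__":
    for label, dump in (("log", REPLY_FROM_LOG), ("constructed", CONSTRUCTED_ACCEPT)):
        pkt = parse_radius(dump)
        print(label, pkt["code"], "id=%d" % pkt["id"], "len=%d" % pkt["length"])
        for name, value in pkt["attributes"]:
            print("   ", name, value.hex())
        if not pkt["attributes"]:
            print("    (no attributes in this packet)")
```

For the reply in the log this reports Access-Accept, ID 56 (matching pktID 56 in the request), length 20 and an empty attribute list.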