Re: SBR Authentication issue

Saurabh_ · ‎05-24-2011

Recently have got the SBR enterprise edition running in our network.

I am trying to MX480s to get authentication from radius but observing below messages.

May 25 02:49:49.737 IGW-MUM-R01 sshd[7455]: Failed password for temp from 14.97.29.149 port 2938 ssh2

May 25 02:49:52.244 IGW-MUM-R01 sshd[7456]: Connection closed by 14.97.29.149May 25 02:49:52.245 IGW-MUM-R01 inetd[1391]: /usr/sbin/sshd[7455]: exited, status 255_

The require config on SBR related to Native user/Authenteicatio Method and all are configured.

Please let me know if someone can help

Raveen_ · ‎05-25-2011

Verify the following,

1. You have added the Radius Client.

2. Check if shared_secret key is correct at both ends.

3. Verify the authentication port. and ip_address of the radius server configured

4. Check if you configured right password in SBR and youa re entering the same while getting authenticated.

IF above all is checked, you will have to attach the attach the config and SBR logs taken in level 2.

Regards,

raveen

Saurabh_ · ‎05-25-2011

Yes all of them are in place.

Please find the below config

radius-server {

172.16.10.13

{ port 1812;

accounting-port 1813;

secret "$9$oZJUimPQ/9pgoJUjimP5TzFn/u0IcSeuOhrlK7N"; ## SECRET-DATA

source-address 172.16.10.253;

}

radius-options {

password-protocol mschap-v2;

}_

jcanchola_ · ‎05-25-2011

Generally when we have password issues on a switch or a router we need to verify a few things.

First, is the shared secret the same on both the Switch/router and the SBR server?

Is the password being entered correctly?

If nothing else we need to see a debug log from the SBR server to determine the reason for the reject.

Rabbit_ · ‎05-26-2011

I would test the setup with a very simple shared secret, I suggest setting it to 12345 on both the SBR server and the Switch/Router and then test it again.

If it works, the issue may have been with the length of your shared secret or, a mis-typed key.

Regards,

Rich