Wireless (General)

Expand all | Collapse all

SSH users with RADIUS authentication not getting administrator privileges

Patrick Voss

Patrick Voss04-18-2016 17:51

  • 1.  SSH users with RADIUS authentication not getting administrator privileges

    Posted 04-18-2016 17:27
    Thanks Patrick

    I have problems with SSH2 authentication on summitX-in version 16.1.3.6 16.1.3.6 1-2.cos-patch-patch 1.2. When authenticates about Radius with a user who has administrator permissions not let modify read-only changes. Version may have problem?

    This the more information about firmware last intalled
    # sh ver images
    Card Partition Installation Date Version Name Branch
    ------------------------------------------------------------------------------
    Switch primary Fri Nov 7 18:35:13 UTC 2014 15.5.3.4 summitX450-15.5.3.4.xos v1553b4
    Switch secondary Thu Apr 14 10:13:01 COT 2016 16.1.3.6 summitX-16.1.3.6-patch1-2.xos 16.1.3.6-patch1-2
    Switch secondary Thu Apr 14 10:15:20 COT 2016 16.1.3.6 summitX-16.1.3.6-patch1-2-ssh.xmod 16.1.3.6-patch1-2

    Note: This conversation was created from a reply on: NO MESSAGE DECODE; Missing component "AAA.RADIUS" v38.1.


  • 2.  RE: SSH users with RADIUS authentication not getting administrator privileges

    Posted 04-18-2016 17:41
    Hello Jairo,

    Was this working in the past and suddenly stopped working? If the user is not getting the correct permissions but is authenticating it is typically a server issue. Have you looked at the server side to make sure they are matching on the correct policies?



  • 3.  RE: SSH users with RADIUS authentication not getting administrator privileges

    Posted 04-18-2016 17:42
    Hi Jairo,

    Have you made sure to add the VSA for administrator rights into the RADIUS server?

    ____________

    On the radius server a normal user is needed for User access. If the user needs admin rights on the switch the following needs to be added to the radius user.Service-Type = Administrative-User[/code]LINK: https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-configure-RADIUS-authentication-for...


  • 4.  RE: SSH users with RADIUS authentication not getting administrator privileges

    Posted 04-18-2016 17:47
    Radius authentication Radius Server is on a Windows 2012, there may be incompatibility of servers?


  • 5.  RE: SSH users with RADIUS authentication not getting administrator privileges

    Posted 04-18-2016 17:51
    Was this ever working?


  • 6.  RE: SSH users with RADIUS authentication not getting administrator privileges

    Posted 04-18-2016 18:03
    shared configuration Radius over switch x440-24p

    configure radius mgmt-access primary server 10.120.11.60 1812 client-ip 10.128.50.4 vr VR-Default
    configure radius mgmt-access primary shared-secret encrypted "A


  • 7.  RE: SSH users with RADIUS authentication not getting administrator privileges

    Posted 04-18-2016 18:06
    Hello Jairo,

    Did the Radius setup ever work properly or is this a new setup?


  • 8.  RE: SSH users with RADIUS authentication not getting administrator privileges

    Posted 04-18-2016 18:12
    We have the same configuration of Radius 800 switches more but with version 15.3.3.5 v1533b5-patch1-6


  • 9.  RE: SSH users with RADIUS authentication not getting administrator privileges

    Posted 04-18-2016 18:12
    This equipment is new and installation is new. Quizimos try this new firmware and only works Telnet.


  • 10.  RE: SSH users with RADIUS authentication not getting administrator privileges

    Posted 04-18-2016 18:12
    Hi Jairo,

    Is the same user that is having trouble in 15.6 able to work in 15.3?
    Is the SSH module downloaded and installed on the switches with 15.6?
    Has SSH2 been enabled in the switches with 15.6?

    Can you post a 'show management' from the switch?


  • 11.  RE: SSH users with RADIUS authentication not getting administrator privileges

    Posted 04-18-2016 18:12
    The problem is with the version 16.1.3.6 Patch 1-2 when required to manage the switch by SSH2 not allowed to enter as administrator only shows reading options.



  • 12.  RE: SSH users with RADIUS authentication not getting administrator privileges

    Posted 04-18-2016 18:22
    The problem is with the version 16.1.3.6 Patch 1-2 when required to manage the switch by SSH2 not allowed to enter as administrator only shows reading options.



  • 13.  RE: SSH users with RADIUS authentication not getting administrator privileges

    Posted 04-18-2016 18:28
    Hello Jairo,

    Brad is asking if the same user experiences the same issue on a different switch.


  • 14.  RE: SSH users with RADIUS authentication not getting administrator privileges

    Posted 04-18-2016 19:00
    Not only have we proven this to be installed as new. Tomorrow we will be testing with other devices


  • 15.  RE: SSH users with RADIUS authentication not getting administrator privileges

    Posted 04-18-2016 19:10