SPS224G4 trouble with Radius

Unanswered Question
Nov 3rd, 2009


trying to login into our SPS224G4 using Radius authentifacation and still unsuccessfull.

May be this is bug may be my misconfiguration.




radius-server host key kf2f2ff2DADsaahhsnnkA source source usage login
radius-server deadtime 1

This is my radius-server configuration:

Linksys_t# sh radius-servers

  IP address    Port  port  Time-   Ret-  Dead-     source IP    Prio. Usage
                Auth  Acct  Out     rans  Time
--------------- ----- ----- ------ ------ ------ --------------- ----- -----    1812  1813  Global Global Global     0   login

Global values

TimeOut : 3
Retransmit : 3
Deadtime : 1
Source IP :
Source IPv6 : ::


aaa authentification

aaa authentication enable perRadius none
aaa authentication login perRadius radius none
line telnet
login authentication perRadius
enable authentication perRadius

Linksys_t# sh authentication  me

Login Authentication Method Lists
Default             : Local
perRadius           : Radius   None

Enable  Authentication Method Lists
Default             : Enable   None
perRadius           : None

Line           Login Method List         Enable Method List
-------        -----------------         -------------------
Console        Default                   Default
Telnet         perRadius                 perRadius
SSH            Default                   Default

http                : Local
https               : Local

So if you look into my config, when I telenet to linksys SPS224 I should login using RADIUS. But it allways return: "Linksys_t# sh authentication  me:         :
"authentication failed"


I digg deeply with Wireshark tool, the results you can see into radius_linksys_accept.pcap file

My Radius say: "access-accepted", therefore Linksys still says "authentication failed"

So what is the problem, am I misconfigured something?

This Radius work fine with Cisco and D-link switches.

running-config also attached (linksys.conf)

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
chrcoope Wed, 11/04/2009 - 07:47


I wanted to let you know that I will be testing this in my lab when time permits. I have an SPS224G4 though, is that an exact match for your equipment? I do not seem to have any SPS224s.



Alejandro Gallego Thu, 11/05/2009 - 14:10

Please take a look at "Event Viewer" on your RADIUS server and post the error log for the source IAS.

Also inside the IAS snap in > RRAS policy > your policy > Right Click > Edit Profile; then "Advanced" what are the attributes listed? Looking for Name and Value. Please post what you have.

I was able to confirm that RADIUS is working as expected, so we should be able to correct your configuration.

Screen shot 2009-11-05 at 5.26.19 PM.pngScreen shot 2009-11-05 at 5.26.56 PM.png

alissitz Fri, 11/06/2009 - 09:38

Not sure if this is related, however I would suggest to also ensure that the Radius server is configured with a priv level 15 username.

If you are trying to pass additional attributes such as privilege levels or command sets to the switch, the switch might not understand these and respond with an authentication failed.


Andrew Lee Lissitz

JevgenijSabaliauskas Tue, 11/10/2009 - 13:19

Actually at this moment our distributor asked to give this switch back, so I'm not able to test it anymore. :(

Also I can't check Radius configuration now too, but Cisco ME2400 works with it perfectly.

If you see into my attached CAPTURE file, you can see that Radius says "Connection-accept" with parameter as you listed:

Cisco-AVPair: priv-lvl=15


But Liksys still doesn't accept this connetion.

As soon as it will be possible to get this SW for testing, I'll try one more time.

Thanks for your answers.

alissitz Wed, 11/11/2009 - 10:28

I am sorry that we did not get this working before you had to give the switch back.  I you get another opp to test this, do please try back within this community.

Kindest regards and have a great week,



This Discussion