Hi CheckMates,
There are couple of topics on this community regarding 2FA via radius on Sparks.
A few of you noticed an issue with Spark and radius with fw older then R81.10.
It was due to Spark below R81.10 supports only radius 1.0.
From R81.10 it supports radius 2.0 and issues with passwords longer then 16 characters should be gone.
Well ... as far as I see not entirely 🙂
On last Saturday I was configuring my new Spark 1570.
Because I'm a huge fan of 2FA it was pretty sure that I will configure radius.
So I did it ... and faced an issue.
I have R81.10.05 (996001002) and it's locally mgmt.
On radius server I have user with password longer then 10 characters (+6 OTP = 16) ...
I had no issues with logging in to mgmt portal, but I was not able to log in using the same user to VPN (wrong credentials).
After some diggings I noticed in radius logs something like that as password "1234567890abcdef\12\34\56\23" - so soon after exactly 16 characters there is "a mess" - which is exactly the same as it looks like with radius 1.0.
It looks like Spark supports radius 2.0 but not for VPN (here it is still radius 1.0 constraint) 🙂
Falks from R&D maybe you can take a look at this ?
--
Best
m.