This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
LostBoY
Advisor
‎2022-01-25 09:30 AM
Jump to solution

Login failure for a RADIUS User

i have integrated my R80.40 smartoconsole and GWs with CIsco ISE via RADIUS protocol.. facing a weird issue for a single user who is not able to loign to smartconsole citing an error authentication failed.. however same password works for CLI login.

There are other users also configured on the same device but none of them have any issue.. any help is appreicated

0 Kudos
1 Solution

Accepted Solutions
LostBoY
Advisor
‎2022-01-25 09:23 PM
Jump to solution

Thank you all for the replies.. it turned out RADIUS version 1 was configured for ISE object in Smartconsole which was limiting the password character to 16.. i changed it to v2 and now its working fine

 

it was a mere coincidence that the one user which was affected was using a 17 letter password XD

View solution in original post

4 Replies
the_rock
Legend
Legend
‎2022-01-25 12:30 PM
Jump to solution

Just going by my pure logic here, first thing I would personally check is to make sure that permissions and settings for non working user are same as working ones. Assuming they all have same access, I cant really think of any other reason why this would fail. Is that the only message you see in the logs? If you do say tcpdump of fw monitor for that user's IP address or zdebug on just their usernames, what do you see?

Andy

0 Kudos
Vladimir
Champion
Champion
‎2022-01-25 04:18 PM
Jump to solution

Check the Permission Profile assigned to the user in question.

Also, when you are referring to CLI, are you referring to a Management CLI or CLISH?

 

Chris_Atkinson
Employee Employee
Employee
‎2022-01-25 06:35 PM
Jump to solution

On the user record is their any time or expiry constraint set?

CCSM R77/R80/ELITE
LostBoY
Advisor
‎2022-01-25 09:23 PM
Jump to solution

Thank you all for the replies.. it turned out RADIUS version 1 was configured for ISE object in Smartconsole which was limiting the password character to 16.. i changed it to v2 and now its working fine

 

it was a mere coincidence that the one user which was affected was using a 17 letter password XD

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top