Configuration issue at radiusd.conf?

Matthew Newton mcn at
Fri May 14 22:42:48 CEST 2021

On 14/05/2021 17:17, Honglak Kim via Freeradius-Users wrote:
> (0) Sent Access-Accept Id 116 from to length 0
> (0)   Juniper-Local-User-Name = "admin"
> (0)   Arista-AVPair = "shell:priv-lvl=15"
> (0)   Arista-AVPair = "shell:roles=network-admin"
> (0)   PaloAlto-Admin-Role = "superuser"
> (0)   PaloAlto-Panorama-Admin-Role = "superuser"
> (0)   PaloAlto-User-Group = "all"
> (0) Finished request

That looks like you're trying to give console access to a switch/router.

The debug output seems correct, in that you're sending back an 
Access-Accept. However you need to carefully read the switch 
documentation. They are usually very picky about what attributes are 
expected. If you send back the wrong ones, or slightly the wrong format, 
it won't work and access will be denied.

Try checking the debug logs on your device, assuming it gives you some, 
to see if it says anything.

Make sure you're not firewalling/filtering responses (e.g. ACLs on the 

FreeRADIUS seems to be working correctly from what you have sent.


More information about the Freeradius-Users mailing list