There were two issues discovered with this issue.
1: The Radius command line interface command was wrong.
Using the Command "show config" in the command line interface ( CLI) command, we see this configuration output for Radius:
; Configure Authentication Realms
! - BEGIN RADIUS for Admin Authentication
; Configure authenication realm for admin access
security radius create-realm Radius_Admin_Auth @(RADIUS_ADMIN_AUTH_SERVER_1) 1812
security radius edit-realm Radius_Admin_Auth
primary-server secret @(RADIUS_ADMIN_AUTH_SECRET_1)
alternate-server secret @(RADIUS_ADMIN_AUTH_SECRET_2)
alternate-server @(RADIUS_ADMIN_AUTH_SERVER_2) 1812
! - END RADIUS for Admin Authentication
In the above command, the SECRET key is missing.
In this Overlay -provided above - the RADIUS is configured with the command
" security radius create-realm Radius_Admin_Auth @(RADIUS_ADMIN_AUTH_SERVER_1) 1812"
The correct command should be as below.
"security radius create-realm <realm-name> <secret> <primary-server host> [<primary-server port>]"
2: The secret key cannot contain a exclamation mark "!" for these reasons:
- Question: :If we use w!AkAVEme does it only take the w and ignore everything after the !
- The CLI parser recognizes ! as a comment character only if it is the first character is a token. So, tokens can have embedded ! chars. They just cannot start with this char.
- Question: :If we use !AkAVEme does it take "!"AkAVEme or "!AkAVEme"?
- The double quote can be used to get the parser to ignore special characters - like ! and to group characters into a single token (ie. allows embedded spaces). The double quote characters are not part of the token. and need to be around the entire string as per the later example. So, with "!AkAVEme", you get !AkAVEme
NOTE1: For an overview of how to setup Radius on a Director appliance, see 000008704
NOTE2: For a list of what Radius vendors Bluecoat supports, see 000015489