5500和winradius配合做telnet登录认证，遇到问题，请大家帮忙看看是什么原因导致的

bigwillywxg

S5500 IP：192.168.1.200
Winradius服务器IP：192.168.1.1

请高手帮忙看一下，问题出在什么地方，我试验了ACS freeradius tekradius winradius 都遇到同样的问题 服务器端抓包提示radius认证已经通过了，但交换机上日志提示如下：
%Apr 26 17:06:20:465 2000 radius-test SC/6/SC_AAA_LAUNCH: -AAAType=AUTHEN-AAAScheme= radius-scheme tek-Service=login-UserName=admin@system; AAA launched.
%Apr 26 17:06:20:474 2000 radius-test SC/6/SC_AAA_SUCCESS: -AAAType=AUTHEN-AAAScheme= radius-scheme tek-Service=login-UserName=admin@system; AAA is successful.
%Apr 26 17:06:20:474 2000 radius-test SC/6/SC_AAA_LAUNCH: -AAAType=AUTHOR-AAAScheme= local-Service=login-UserName=admin@system; AAA launched.
%Apr 26 17:06:20:474 2000 radius-test LS/5/LS_AUTHOR_FAILURE: -AccessType=login-UserName=admin; Authorization is failed. User not found.
%Apr 26 17:06:20:475 2000 radius-test SC/5/SC_AAA_FAILURE: -AAAType=AUTHOR-AAAScheme= local-Service=login-UserName=admin@system; AAA is failed. Common.
%Apr 26 17:06:20:477 2000 radius-test SHELL/5/SHELL_LOGINFAIL:  TELNET user admin failed to log in from 192.168.1.100(cc00-0ba8-0000) on VTY1.
%Apr 26 17:06:28:591 2000 radius-test SHELL/5/SHELL_LOGINFAIL:  TELNET user admin failed to log in from 192.168.1.200 on VTY0.
%Apr 26 17:06:31:032 2000 radius-test SHELL/5/SHELL_LOGINFAIL:  TELNET user failed to log in from 192.168.1.200 on VTY0.
%Apr 26 17:06:41:534 2000 radius-test SHELL/6/SHELL_CMD: -Task=au0-IPAddr=**-User=**; Command is dis logbuffer


交换机配置如下：
<radius-test>dis cur
<radius-test>dis current-configuration  
#
version 5.20, Release 2220P02
#
sysname radius-test
#
irf mac-address persistent timer
irf auto-update enable
undo irf link-delay
#
domain default enable system
#
telnet server enable
#
undo ip http enable
#
password-recovery enable
#
vlan 1
#
radius scheme tek
primary authentication 192.168.1.1
key authentication cipher $c$3$PT0/CpPuh9jJi3uYjGCYF73QjsMAGA==
user-name-format without-domain
#               
domain system
authentication default radius-scheme tek
access-limit disable
state active
idle-cut disable
self-service-url disable
#
user-group system
group-attribute allow-guest
#
interface NULL0
#
interface Vlan-interface1
ip address 192.168.1.200 255.255.255.0
#
interface GigabitEthernet1/0/1
port link-mode bridge
#
interface GigabitEthernet1/0/2
port link-mode bridge
#
interface GigabitEthernet1/0/3
port link-mode bridge
#
interface GigabitEthernet1/0/4
port link-mode bridge
#
interface GigabitEthernet1/0/5
port link-mode bridge
#
interface GigabitEthernet1/0/6
port link-mode bridge
#
interface GigabitEthernet1/0/7
port link-mode bridge
#
interface GigabitEthernet1/0/8
port link-mode bridge
#
interface GigabitEthernet1/0/9
port link-mode bridge
#
interface GigabitEthernet1/0/10
port link-mode bridge
#
interface GigabitEthernet1/0/11
port link-mode bridge
#
interface GigabitEthernet1/0/12
port link-mode bridge
#
interface GigabitEthernet1/0/13
port link-mode bridge
#
interface GigabitEthernet1/0/14
port link-mode bridge
#
interface GigabitEthernet1/0/15
port link-mode bridge
#
interface GigabitEthernet1/0/16
port link-mode bridge
#
interface GigabitEthernet1/0/17
port link-mode bridge
#
interface GigabitEthernet1/0/18
port link-mode bridge
#               
interface GigabitEthernet1/0/19
port link-mode bridge
#
interface GigabitEthernet1/0/20
port link-mode bridge
#
interface GigabitEthernet1/0/21
port link-mode bridge
#
interface GigabitEthernet1/0/22
port link-mode bridge
#
interface GigabitEthernet1/0/23
port link-mode bridge
#
interface GigabitEthernet1/0/24
port link-mode bridge
#
interface GigabitEthernet1/0/25
port link-mode bridge
shutdown
#
interface GigabitEthernet1/0/26
port link-mode bridge
shutdown
#
interface GigabitEthernet1/0/27
port link-mode bridge
shutdown
#
interface GigabitEthernet1/0/28
port link-mode bridge
shutdown
#
load xml-configuration
#
load tr069-configuration
#
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
user-interface vty 5 15
#
return
<radius-test>  


winradius 截图如下：

kingsdw

你acs什么版本的？4.0么？
要添加一个组件的。

神算子

学习

gentlebrother

thanks for sharing