Users created in Qradar do not authenticate. Qradar is configured to use RADIUS and CHAP to authenticate the users in ACS. ACS v4.2 does not seem to allow a client to be configured such that Qradar must authenticate with ACS via CHAP in order to then send the (Qradar) user authentication request.
Thanks for your questions.
Qradar is a SIEM, admins need to log into it to work with it. Those users need to be authenticated so Qradar authenticates to ACS. There are no failures being logged. What I see in a packet capture and my workstation is basically useless since the interaction is TLS encrypted. A few packets go back and forth then they stop. At Qadar's login screen you see "failed authentication".
Since Qradar is configured to use PAP or CHAP, I want to find where in ACS you configure the CHAP password for the device. We have other non-cisco devices that do Radius in the same way for the admin's to log into them. Something is missing in the configuration and or definition for the device (Qradar).
This is likely going to be answered by someone who authenticated F5's or other non-cisco devices using v4 of ACS.
I'm sure you must have gone through the below listed PDF (page 24-25 --configuring authentication)
Now, I'd like to know how you have added QRadar as a radius client in ACS 4.2 > Network configuration > Add AAA client
Also, you can create a user on ACS 4.2 > user setup > there we have 2 options (PAP or CHAP) to enter the password, you may use CHAP password for user authentication.
**Do rate helpful posts**