Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
954
Views
2
Helpful
2
Replies

Radius failure

v.matiakis
Level 1
Level 1

‎12-17-2007 11:52 PM

Hi, i suddenly lost all the users from my LNS and in the log appeared the following message :

. %RADIUS-4-RADIUS_DEAD: RADIUS server x.x.x.x:1812,1813 is not responding.

. %RADIUS-4-RADIUS_ALIVE: RADIUS server x.x.x.x:1812,1813 has returned.

. %RADIUS-4-RADIUS_DEAD: RADIUS server x.x.x.x:1812,1813 is not responding.

. %RADIUS-4-RADIUS_ALIVE: RADIUS server x.x.x.x:1812,1813 has returned.

. %RADIUS-4-RADIUS_DEAD: RADIUS server x.x.x.x:1812,1813 is not responding.

. %RADIUS-4-RADIUS_ALIVE: RADIUS server x.x.x.x:1812,1813 has returned.

. %RADIUS-4-RADIUS_DEAD: RADIUS server x.x.x.x:1812,1813 is not responding.

. %RADIUS-4-RADIUS_ALIVE: RADIUS server x.x.x.x:1812,1813 has returned.

. %RADIUS-4-RADIUS_DEAD: RADIUS server x.x.x.x:1812,1813 is not responding.

. %RADIUS-4-RADIUS_ALIVE: RADIUS server x.x.x.x:1812,1813 has returned.

. %RADIUS-4-RADIUS_DEAD: RADIUS server x.x.x.x:1812,1813 is not responding.

. %RADIUS-4-RADIUS_ALIVE: RADIUS server x.x.x.x:1812,1813 has returned.

. %RADIUS-4-RADIUS_DEAD: RADIUS server x.x.x.x:1812,1813 is not responding.

. %RADIUS-4-RADIUS_ALIVE: RADIUS server x.x.x.x:1812,1813 has returned.

. %RADIUS-4-RADIUS_DEAD: RADIUS server x.x.x.x:1812,1813 is not responding.

. %RADIUS-4-RADIUS_ALIVE: RADIUS server x.x.x.x:1812,1813 has returned.

. %RADIUS-4-RADIUS_DEAD: RADIUS server x.x.x.x:1812,1813 is not responding.

. %RADIUS-4-RADIUS_ALIVE: RADIUS server x.x.x.x:1812,1813 has returned.

. %RADIUS-4-RADIUS_DEAD: RADIUS server x.x.x.x:1812,1813 is not responding.

. %RADIUS-4-RADIUS_ALIVE: RADIUS server x.x.x.x:1812,1813 has returned.

. %RADIUS-4-RADIUS_DEAD: RADIUS server x.x.x.x:1812,1813 is not responding.

What does this mean? Also the users are being authenticated by the radius really really slow with a lot of timeouts in show radius statistics. What can i do in that case in order to prevent future incidents?

Labels:
0 Helpful
2 Replies 2

Jon Marshall
Hall of Fame
Hall of Fame

‎12-18-2007 12:49 AM

Hi

The most obvious thing to check is the connectivity between the Radius server and any devices using it for authenticaiton/authorization.

From the output above it looks like packets are going missing between the LNS and the radius server which would explain why the authentication of users is so slow. This could be caused by

1) The radius server itself. Do any other devices use this server and are they complaining about a non-responsive server

2) The LNS

3) The network between the LNS and the radius server.

Jon

v.matiakis
Level 1
Level 1
In response to Jon Marshall

‎12-18-2007 12:56 AM

In fact long after this message stopped, the users still logged in really slow. There was another LNS that did not have the same issue, the users logged in just fine. The configuration :

radius-server dead-criteria tries 2

radius-server host x.x.x.x auth-port 1812 acct-port 1813

radius-server host x.x.x.x auth-port 1812 acct-port 1813

radius-server source-ports extended

radius-server retransmit 1

radius-server timeout 15

radius-server deadtime 30.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents