Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1385
Views
0
Helpful
1
Replies

NAC Guest Server - can't authenticate Radius client, DB error

pengfang
Level 1
Level 1

‎11-16-2009 08:38 PM - edited ‎02-21-2020 10:24 AM

Hi,

I'm currently evaluating the NGS latest v2.01 image with a fresh new installation. After initial installation, I created sponsor and guest account.My plan is to use a Cisco ASA as the Radius client with Cut-through authentication - Radius to simulate the final application which would be WLAN controller.

Here's error message when I did "test aaa" command from ASA:

ciscoasa# test aaa authentication CUT-AUTH host 172.16.1.110 username jsmith@abc.com password cisco123

INFO: Attempting Authentication test to IP address <172.16.1.110> (timeout: 12 seconds)

ERROR: Authentication Rejected: Invalid password

ciscoasa#

I did double-checked the password no issue then looked at Server -> System logs -> Support logs -> Radius log @ NGS, it shows some repeating errors as followed:

Mon Nov 16 14:04:16 2009 : Info: rlm_sql (sql): Driver rlm_sql_postgresql (module rlm_sql_postgresql) loaded and linked

Mon Nov 16 14:04:16 2009 : Info: rlm_sql (sql): Attempting to connect to postgres@localhost:/gapdb

Mon Nov 16 14:04:16 2009 : Error: rlm_sql_postgresql: Couldn't connect socket to PostgreSQL server postgres@localhost:gapdb

Mon Nov 16 14:04:16 2009 : Error: rlm_sql (sql): Failed to connect DB handle #0

Mon Nov 16 14:04:16 2009 : Info: rlm_sql (sql): There are no DB handles to use! skipped 5, tried to connect 0

Mon Nov 16 14:04:16 2009 : Error: Failed to load clients from SQL.

Mon Nov 16 14:04:16 2009 : Error: /etc/raddb/postgresql.conf[1]: Instantiation failed for module "sql"

Mon Nov 16 14:04:16 2009 : Error: /etc/raddb/radiusd.conf[88]: Failed to find module "sql".

Mon Nov 16 14:04:16 2009 : Error: /etc/raddb/radiusd.conf[87]: Errors parsing accounting section.

Mon Nov 16 14:04:16 2009 : Error: Errors initializing modules

Mon Nov 16 14:05:06 2009 : Info: rlm_sql (sql): Driver rlm_sql_postgresql (module rlm_sql_postgresql) loaded and linked

Mon Nov 16 14:05:06 2009 : Info: rlm_sql (sql): Attempting to connect to postgres@localhost:/gapdb

Mon Nov 16 14:05:08 2009 : Info: Ready to process requests.

Mon Nov 16 14:06:51 2009 : Info: Exiting normally.

I guess something wrong with the NGS, but I don't see any errors during the installation. The Radius package of NGS 2.01 is FreeRADIUS 2.1.3.1, any ideas?

Thanks

Labels:
0 Helpful
1 Reply 1

aboschetti
Level 1
Level 1

‎08-13-2010 06:45 AM

We had the same problem.

You can solve sending to RADIUS Server (Cisco NGS) this additional radius attribute:

Calling Station ID

NAS IP Address

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents