Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

NAC Guest Server - can't authenticate Radius client, DB error

Hi,

I'm currently evaluating the NGS latest v2.01 image with a fresh new installation. After initial installation, I created sponsor and guest account.My plan is to use a Cisco ASA as the Radius client with Cut-through authentication - Radius to simulate the final application which would be WLAN controller.

Here's error message when I did "test aaa" command from ASA:

ciscoasa# test aaa authentication CUT-AUTH host 172.16.1.110 username jsmith@abc.com password cisco123

INFO: Attempting Authentication test to IP address <172.16.1.110> (timeout: 12 seconds)

ERROR: Authentication Rejected: Invalid password

ciscoasa#

I did double-checked the password no issue then looked at Server -> System logs -> Support logs -> Radius log @ NGS, it shows some repeating errors as followed:

Mon Nov 16 14:04:16 2009 : Info: rlm_sql (sql): Driver rlm_sql_postgresql (module rlm_sql_postgresql) loaded and linked

Mon Nov 16 14:04:16 2009 : Info: rlm_sql (sql): Attempting to connect to postgres@localhost:/gapdb

Mon Nov 16 14:04:16 2009 : Error: rlm_sql_postgresql: Couldn't connect socket to PostgreSQL server postgres@localhost:gapdb

Mon Nov 16 14:04:16 2009 : Error: rlm_sql (sql): Failed to connect DB handle #0

Mon Nov 16 14:04:16 2009 : Info: rlm_sql (sql): There are no DB handles to use! skipped 5, tried to connect 0

Mon Nov 16 14:04:16 2009 : Error: Failed to load clients from SQL.

Mon Nov 16 14:04:16 2009 : Error: /etc/raddb/postgresql.conf[1]: Instantiation failed for module "sql"

Mon Nov 16 14:04:16 2009 : Error: /etc/raddb/radiusd.conf[88]: Failed to find module "sql".

Mon Nov 16 14:04:16 2009 : Error: /etc/raddb/radiusd.conf[87]: Errors parsing accounting section.

Mon Nov 16 14:04:16 2009 : Error: Errors initializing modules

Mon Nov 16 14:05:06 2009 : Info: rlm_sql (sql): Driver rlm_sql_postgresql (module rlm_sql_postgresql) loaded and linked

Mon Nov 16 14:05:06 2009 : Info: rlm_sql (sql): Attempting to connect to postgres@localhost:/gapdb

Mon Nov 16 14:05:08 2009 : Info: Ready to process requests.

Mon Nov 16 14:06:51 2009 : Info: Exiting normally.

I guess something wrong with the NGS, but I don't see any errors during the installation. The Radius package of NGS 2.01 is FreeRADIUS 2.1.3.1, any ideas?

Thanks

1 REPLY
Community Member

Re: NAC Guest Server - can't authenticate Radius client, DB erro

We had the same problem.

You can solve sending to RADIUS Server (Cisco NGS) this additional radius attribute:

Calling Station ID

NAS IP Address

1011
Views
0
Helpful
1
Replies
CreatePlease to create content