Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search instead for
Did you mean:
The "RADIUS-4-RADIUS_DEAD: RADIUS server xx.xx.xx.xx:1645,1646 is not responding" error message is received on the WLSM that runs firmware version 12.3
The messages happen when there are two servers defined and the authentication goes to the second. When you first reboot the Wireless LAN Service Module (WLSM), possibly the first server is up then at some point it is unreachable, for example, transient network condition, replication, and so forth. Thus, this results in this condition.
The exact error message looks similar to this:-
(xx)Month (xx)Date (xx:xx:xx)Time : %RADIUS-4-RADIUS_DEAD: RADIUS server xx.xx.xx.xx:1645,1646 is not responding,
(xx)Month (xx)Date (xx:xx:xx)Time : %RADIUS-4-RADIUS_ALIVE: RADIUS server xx.xx.xx.xx:1645,1646 has returned
The problem is observed in a sceneraio where two radius servers are configured.
There is no authentication failure observed while the Radius dead/alive messages are still issued. It seems to be a false report. The message is an alarm that appears to be cosmetic and related to the ACS server. The problem is first found in version 2.2(1).
If you do not wish to see these messages, remove the second server. As documented in Cisco bug ID CSCsh26203, have two Microsoft Windows 2003 server with ACS 3.3(2) build two. When the WLSM points to the second radius server, infrastructure APs authenticate fine and clients are able to authenticate as well, but you possibly see the radius dead/alive messages on WLSM.
You do not see this message for the first radius server. When the first radius server is utilised, the second radius server is in idle and WLSM gets radius dead/alive messages continously.
Also, the %RADIUS-4-RADIUS_ALIVE: RADIUS server 10.0.0.51:1812,1813 has returned. error message is misleading. It does not say that the server has returned, and it only says that RADIUS has marked the server as alive because the deadtime timer has expired. If nothing is configured the default is 0 seconds deadtime with no test probe. RADIUS is also able to resend messages to this server again.This error message can also occur when there is a shared key mismatch between the RADIUS and the access point (AP).