• October 31, 2020, 06:54:20 AM
Welcome, Guest. Please login or register. Registration is free.
Did you miss your activation email?

Author Topic: Problems with starting radiusd  (Read 5086 times)

0 Members and 1 Guest are viewing this topic.

Offline dalejoyce

  • Rookie
  • **
  • Posts: 8
Problems with starting radiusd
« on: June 07, 2013, 05:39:45 PM »
Hi All,

Hope someone can shed some light on my problem.

I have had the capitive portal working for quite a while now after some troubles(self inflicted) setting up.

I now get the authentication failed on the captive portal and think its the radius deamon not being able to start as i get the following while trying to debug:

rfs7000-63ADC8#debug radius all
%Error: failed to connect to backend daemon


rfs7000-63ADC8#show debugging radius
Radius:
        Debugging is enabled at level - RADIUS is not running
rfs7000-63ADC8#


Any one know how to start radiusd? I have tried the following and rebooted but no joy!

rfs7000-63ADC8#service enable radiusd
Note: This change only takes effect after a reboot


Thanks in advance

Dale


Offline dalejoyce

  • Rookie
  • **
  • Posts: 8
Re: Problems with starting radiusd
« Reply #1 on: June 07, 2013, 06:07:57 PM »
Just to add:

The radius server is local and can ping the interface from the controller but when testing the radius server i get no response ... see below:

rfs7000-63ADC8#ping 192.168.254.251
PING 192.168.254.251 (192.168.254.251) 100(128) bytes of data.
108 bytes from 192.168.254.251: icmp_seq=1 ttl=64 time=0.150 ms
108 bytes from 192.168.254.251: icmp_seq=2 ttl=64 time=0.088 ms

--- 192.168.254.251 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.088/0.119/0.150/0.031 ms

rfs7000-63ADC8#service radius test 192.168.254.251 port 1812 guest1234 zzaaqq11 SAHGuestConf
Radius test authentication failed.
RADIUS-error:No Response from 192.168.254.251

Thanks

Offline MWG

  • Jr. Member
  • **
  • Posts: 28
Re: Problems with starting radiusd
« Reply #2 on: June 08, 2013, 02:53:36 AM »
Is the radius server policy mapped to the device?
Please post the used rfs7000 profile, the rfs7000 override and your aaa policy.

Offline dalejoyce

  • Rookie
  • **
  • Posts: 8
Re: Problems with starting radiusd
« Reply #3 on: June 08, 2013, 03:03:44 AM »
Thanks for the reply ..... I beleive i have got the radius policy mapped.

Thanks

Dale

aaa-policy STAHHOTSPOTAAA
 authentication server 1 onboard controller

rfs7000-63ADC8>show running-config profile rfs7000 default-rfs7000
profile rfs7000 default-rfs7000
 ip default-gateway 10.10.120.1
 no autoinstall configuration
 no autoinstall firmware
 ap-upgrade auto ap6511
 no ip igmp snooping
 no ip igmp snooping forward-unknown-multicast
 crypto ikev1 policy ikev1-default
  isakmp-proposal default encryption aes-256 group 2 hash sha
 crypto ikev2 policy ikev2-default
  isakmp-proposal default encryption aes-256 group 2 hash sha
 crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
 crypto ikev1 remote-vpn
 crypto ikev2 remote-vpn
 crypto auto-ipsec-secure
 interface me1
 interface ge1
  switchport mode trunk
  switchport trunk native vlan 110
  no switchport trunk native tagged
  switchport trunk allowed vlan 101,104,110-112
  use ip-access-list in BROADCAST-MULTICAST-CONTROL
  dot1x authenticator guest-vlan 1
  ip dhcp trust
  qos trust dscp
  qos trust 802.1p
 interface ge2
  shutdown
  ip dhcp trust
  qos trust dscp
  qos trust 802.1p
 interface ge3
  shutdown
  ip dhcp trust
  qos trust dscp
  qos trust 802.1p
 interface ge4
  shutdown
  ip dhcp trust
  qos trust dscp
  qos trust 802.1p
 interface vlan110
  ip address 10.10.120.25/22
  use ip-access-list in BROADCAST-MULTICAST-CONTROL
  dhcp-relay-incoming
 interface vlan111
  description RTLS
  ip address 10.10.64.25/21
  use ip-access-list in BROADCAST-MULTICAST-CONTROL
 interface vlan112
  description Guest\ Wireless
  ip address 192.168.254.251/24
  use ip-access-list in BROADCAST-MULTICAST-CONTROL
 interface pppoe1
 use event-system-policy test
 use dhcp-server-policy STAHDHCP
 use firewall-policy default
 use auto-provisioning-policy STAHAUTOPROV
 use captive-portal server STAHCaptive
 ntp server 10.10.44.11
 email-notification host 10.20.4.12 sender
 email-notification recipient
 logging on
 logging host 10.20.19.236
 logging facility local0
 logging forward warnings
 no ap300 adopt-unconfig
 service pm sys-restart
 router ospf

rfs7000 00-23-68-63-AD-C8
 use rf-domain Support\ Services
 location SSB
 timezone Europe/London
 country-code gb
 use smart-rf-policy SMARTRFSSB
 control-vlan 110
 ip default-gateway 10.10.120.1
 no autoinstall configuration
 no autoinstall firmware
 ap-upgrade auto ap6511
 no ip igmp snooping
 no ip igmp snooping forward-unknown-multicast
 crypto ikev1 policy ikev1-default
  isakmp-proposal default encryption aes-256 group 2 hash sha
 crypto ikev2 policy ikev2-default
  isakmp-proposal default encryption aes-256 group 2 hash sha
 crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
 crypto ikev1 remote-vpn
 crypto ikev2 remote-vpn
 crypto auto-ipsec-secure
 interface me1
 interface ge1
  switchport mode trunk
  switchport trunk native vlan 110
  no switchport trunk native tagged
  switchport trunk allowed vlan 101,104,110-112
  use ip-access-list in BROADCAST-MULTICAST-CONTROL
  dot1x authenticator guest-vlan 1
  ip dhcp trust
  qos trust dscp
  qos trust 802.1p
 interface ge2
  shutdown
  ip dhcp trust
  qos trust dscp
  qos trust 802.1p
 interface ge3
  shutdown
  ip dhcp trust
  qos trust dscp
  qos trust 802.1p
 interface ge4
  shutdown
  ip dhcp trust
  qos trust dscp
  qos trust 802.1p
 interface vlan110
  ip address 10.10.120.25/22
  use ip-access-list in BROADCAST-MULTICAST-CONTROL
  dhcp-relay-incoming
 interface vlan111
  description RTLS
  ip address 10.10.64.25/21
  use ip-access-list in BROADCAST-MULTICAST-CONTROL
 interface vlan112
  description Guest\ Wireless
  ip address 192.168.254.251/24
  use ip-access-list in BROADCAST-MULTICAST-CONTROL
 interface pppoe1
 use event-system-policy test
 use dhcp-server-policy STAHDHCP
 use firewall-policy default
 use auto-provisioning-policy STAHAUTOPROV
 use captive-portal server STAHCaptive
 ntp server
 email-notification host 10.20.4.12 sender Motorla@standrews.co.uk
 email-notification recipient
 logging on
 logging console debugging
 logging buffered debugging
 logging syslog debugging
 logging host 10.20.19.236
 logging facility local0
 logging forward debugging
 no ap300 adopt-unconfig
 service pm sys-restart
 router ospf
!

Offline dalejoyce

  • Rookie
  • **
  • Posts: 8
Re: Problems with starting radiusd
« Reply #4 on: June 08, 2013, 02:57:55 PM »
Anyone know the command to restart radius on WiNG 5? On wing 4 it is service radius restart under conf-radsrv

Thanks

Dale

Offline MWG

  • Jr. Member
  • **
  • Posts: 28
Re: Problems with starting radiusd
« Reply #5 on: June 08, 2013, 07:06:48 PM »
I can't find the command "use radius-server-policy <policy>" in the profile or the controller override.
Please add the command in the profile or the override.
The radius server should work afterwards...

Offline hchen01

  • Full Member
  • ***
  • Posts: 73
Re: Problems with starting radiusd
« Reply #6 on: June 11, 2013, 09:12:03 PM »
Configuration-->Devices-->RFS7000-->Services-->Radius Server:
select the Radius server policy.
Commit and save.
to restart, select none-->commit-->select "Policy Name"-->commit-->save