Troubleshooting Tip: Cannot establish more than 16 RADIUS RADSEC client Connections

Description

This article describes the behavior where hosts are unable to connect via RADIUS using RADSEC when 16 client connections are reached.

Scope

FortiNAC-F versions 7.2+, v7.4+, and v7.6+.

Solution

When using RADSEC, the network access device (like a wireless Access Point) is considered the RADIUS client.

Initially, hosts are able to connect. Logs show the following entries: 

Info: ... adding new socket auth from client (x.x.x.x, 12866) -> (*, 2083)

After 16 of these messages are displayed, hosts begin failing to connect. Logs show the following message:

Info: Ignoring new connection due to socket max_connections

Restarting the RADIUS service clears the condition until 16 of the 'adding new socket auth from client' messages are reached.  

There is a hard-set maximum RADIUS server configuration for RADSEC. No more than 16 clients can connect.

Contact Support for a workaround.

This configuration is hard-coded and cannot be changed. Submit a New Feature Request to raise the limit.