Can't contact RADIUS server

Forum|Forum|4 years ago
November 12, 2021
2 replies
24654 views

Hello dears,

first i created client in FAC then i go to FG and tried to add the RADUIS server

but when i put the IP of FAC and the secret and i try the connection status this msg appear : Can't contact RADIUS server

i can ping the fortiauthenticator from the fortigate

i need help to troubleshoting this please

GDiFi

Staff

Take a look at this KB. You can enable a debug and then test the credentials. This should give you an indication of where the process is failing:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Radius-authentication-troubleshooting/ta-p/196192?externalID=FD46949

Debbie_FTNT

Staff & Editor

Also check the following on FortiAuthenticator:

- in addition to the RADIUS client, do you have a policy (or a profile, if your FAC is 6.0 or lower)?

- do you allow RADIUS on the FortiAuthenticator's interface (System > Network > Interface)?
- you can run a sniffer on FortiAuthenticator CLI to verify that RADIUS traffic is arriving:
#exe tcpdump -i any -c 1000 port 1812

- if RADIUS is arriving on FortiAuthenticator, and is allowed on the interface, you can check RADIUS debug on FortiAuthenticator GUI: https://<FortiAuthenticator>/debug/radius

Hope this helps!

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded