Skip to main content
safwa
safwa
Explorer II
June 12, 2023
Question

failed  test connectivity  between fortigate and fortiauthenticator

  • June 12, 2023
  • 2 replies
  • 5988 views

Hello

 

I have fortiauthenticator  have a version 6.5.2 and fortigate ( client Radius) have a version 7.0.1

 

so my work i want that customer   wireless  authenticated by mail through  fortiauthenticator .

 

So my problem :

 

failed  test connectivity  between fortigate and fortiauthenticator . ??

 

despite  they have same secret and forigate can ping to fortiauthenticator 

 

so please i need a reply and a help from expert fortinet !!

 

thanks in advance

 

2 replies

srajeswaran
Staff
srajeswaran
Staff
June 12, 2023

Can you take a pcap on Fortigate/FortiAuthenticator to capture the packets on port 1812 and check if there is any response back from FortiAuthenticator or any errors?

 

Also try re-configuring the secret on both ends to something simple.

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Radius-authentication-troubleshooting/ta-p/196192

safwa
safwaAuthor
Explorer II
June 12, 2023

Thanks for your reply

 

my question i want  to know which  password in fortigate and fortiauthenticator  !!

 

i configure any password or password  of account ??

 

i wait your reply

 

thanks

 

 

Debbie_FTNT
Staff & Editor
Debbie_FTNT
Staff & Editor
June 12, 2023

Set the same secret/passkey in the RADIUS server config on FortiGate, and the RADIUS client configuration on FortiAuthenticator - it's essentially a preshared key like for IPSec or similar.

Debbie_FTNT
Staff & Editor
Debbie_FTNT
Staff & Editor
June 12, 2023

Hey safwa,

 

in addition RADIUS server configuration on FortiGate, you need the following on FortiAuthenticator:

- allow RADIUS on the interface (under System > Network > Interface)

- RADIUS client entry (FortiGate's IP, plus secret) under Authentication > RADIUS Service > Clients

- RADIUS policy to allow authentication under Authentication > RADIUS Service > Policy

-> set up a simple policy with the configured RADIUS client and local realm to start with, just to test if the connection works

 

If it still fails, check with a packet capture as Suraj suggested.

You can also check the RADIUS debug log in FortiAuthenticator under https://<FortiAuthenticator>/debug.

safwa
safwaAuthor
Explorer II
June 12, 2023

Please i need a help

 

i try all your reply but  still failed test connectivity between fortigate and  FortiAuthenticator radius 

 

but Our goal we want client wireless authenticate with mail through FortiAuthenticator  !!

how i can resole and i try to chek but still failed 

 

i wait areply from expert fortinet

 

thanks

Debbie_FTNT
Staff & Editor
Debbie_FTNT
Staff & Editor
June 12, 2023

Dear safwa,

 

it is unclear WHAT is failing.

What configuration do you have in place? Do you have the RADIUS server config in FortiGate? Do you have the RADIUS policy and RADIUS client set up in FortiAuthenticator?

Have you done a packet capture?

Have you verified there is no network issue between FortiAuthenticator and FortiGate?

What kind of errors are you getting aside from 'Test connectivity' failing?

Have you checked the FortiAuthenticator's RADIUS debug log for any error messages? Are requests even reaching the Authenticator?

You can refer to this guide to verify what configuration you already have in place and what you might be missing:https://docs.fortinet.com/document/fortiauthenticator/6.5.0/cookbook/161417/wifi-radius-authentication-with-fortiauthenticator

Terms & ConditionsAccessibility statement