Explorer

Solved

Unable to connect to my Radius Server . Test connectivity settings on Fortigate primary server fails

Forum|Forum|2 years ago
July 20, 2023
3 replies
7285 views

Best answer by RBA

Try with below command

diagnose test authserver radius "RADIUS SERVER" mschap2 username password

Server_name indicates the value of "name" field configured under FortiGate Radius Profile.

Also share the output of command "sh full-configuration user radius"

srajeswaran

Staff

Can you collect diagnose sniffer output and then fnbamd debug as suggested in below article?

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Radius-authentication-troubleshooting/ta-p/196192

JOSIAH_BOZIAHAuthor

Explorer

says the invalid RADIUS SERVER.

10.76.0.1 is my fortigate LAN IP and 10.76.12.15 is my Radius SERVER

RBAAnswer

Staff

Try with below command

diagnose test authserver radius "RADIUS SERVER" mschap2 username password

Server_name indicates the value of "name" field configured under FortiGate Radius Profile.

Also share the output of command "sh full-configuration user radius"

JOSIAH_BOZIAHAuthor

Explorer

VinayHM

Hi @JOSIAH_BOZIAH

Please take the sniffer on ports 1813 and 1812 and attach it here.

Regards,

JOSIAH_BOZIAHAuthor

Explorer

Do I need to check Radius accounting under Administrative access, also the command just hangs, no output until I terminate it control C.

VinayHM

HI @JOSIAH_BOZIAH

Thanks for the update.

Open two SSH

Please take the output of the below commands

# diagnose debug application fnbamd -1

# diagnose debug enable

In the second putty run the sniffer.

diagnose sniffer packet any "host x.x.x.x and port 1813 and port 1812" 6 0 a

where x.x.x.x is radius server IP

Please recreate the issue (test connectivity) while taking the logs.

After taking the logs please disable the debug command.

# diagnose debug disable

# diagnose debug reset

Regards,

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded