Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
networkb_444
New Contributor II

Created on ‎07-21-2025 05:27 AM

FortiNAC RADIUS error "Auth: (93) Login incorrect (RADIUS not enabled on device (Post-Auth)):"

We have the below assets:

  • Windows CA
  • FortiNAC-VM
  • Fortigate-40F
  • FortiSwitch-108F-POE
  • FortiAP 221E

We are trying to setup the Corporate WiFi Access with FortiNAC, using a certificate. 

Flow:
Users must Connect to an SSID with WPA2 Enterprise and FortiNAC confirms a user as corporate with certificate checking. 

 

We did all the steps we know and when a test pc try to connect in the Corporate SSID, we take the FortiNAC-RADIUS error below: 

  • Auth: (93) Login incorrect (RADIUS not enabled on device (Post-Auth)):

What is the issue resolving path? 

Bests,
PK

Labels:
504
1 Solution
FortiEng_345
New Contributor II

Created on ‎08-05-2025 05:53 AM Edited on ‎08-05-2025 05:54 AM

Hi! 

We test version 7.2.9 and FortiNAC service is working fine. 

Thanks for your replies!


P.S.: I believe Fortinet should have create an analytical Installation Guide with basic use-cases examples. 

Bests, 

FortiEng_345

View solution in original post

FortiEng_345
190
9 REPLIES 9
ebilcari
Staff
Staff

Created on ‎07-22-2025 01:46 AM

Kindly share the firmware version of FortiNAC.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
455
FortiEng_345
New Contributor II
In response to ebilcari

Created on ‎07-22-2025 02:43 AM

7.4.1.0451

FortiEng_345
FortiEng_345
434
ebilcari
Staff
Staff
In response to FortiEng_345

Created on ‎07-22-2025 05:27 AM

The issue may be related to fix 1129743 which is going to be included in the next release of 7.4.2 (published next week) and is already included in the latest version of 7.6.3, some details are included in the release notes.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
408
FortiEng_345
New Contributor II
In response to ebilcari

Created on ‎07-24-2025 03:12 AM

We proceed with firmware upgrade. 


Bests,

FortiEng_345
FortiEng_345
360
0 Kudos
FortiEng_345
New Contributor II
In response to FortiEng_345

Created on ‎07-24-2025 03:15 AM

We took error "RADIUS not running" after upgrade. 

Bests,

FortiEng_345
FortiEng_345
355
0 Kudos
ebilcari
Staff
Staff
In response to FortiEng_345

Created on ‎07-24-2025 04:35 AM

You need to check the logs for 'Service Status' and 'Systemd Journal' to have more information:

logs.PNG

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
340
FortiEng_345
New Contributor II
In response to ebilcari

Created on ‎07-24-2025 04:56 AM

Full Journal Excerpt...]
Jul 24 13:14:25 fortinac radiusd[16976]: Compiling Post-Auth-Type REJECT for attr Post-Auth-Type
Jul 24 13:14:25 fortinac radiusd[16976]: Compiling Post-Auth-Type Challenge for attr Post-Auth-Type
Jul 24 13:14:25 fortinac radiusd[16976]: Compiling Auth-Type REST for attr Auth-Type
Jul 24 13:14:25 fortinac radiusd[16976]: Compiling Auth-Type MSCHAP for attr Auth-Type
Jul 24 13:14:25 fortinac radiusd[16976]: Compiling Post-Auth-Type REST for attr Post-Auth-Type
Jul 24 13:14:25 fortinac radiusd[16976]: Compiling Post-Auth-Type REJECT for attr Post-Auth-Type
Jul 24 13:14:25 fortinac radiusd[16976]: Compiling Auth-Type REST for attr Auth-Type
Jul 24 13:14:25 fortinac radiusd[16976]: Compiling Post-Proxy-Type Reject for attr Post-Proxy-Type
Jul 24 13:14:25 fortinac radiusd[16976]: Compiling Post-Auth-Type REJECT for attr Post-Auth-Type
Jul 24 13:14:25 fortinac radiusd[16976]: Compiling Post-Auth-Type Challenge for attr Post-Auth-Type
Jul 24 13:14:25 fortinac radiusd[16976]: radiusd: #### Skipping IP addresses and Ports ####
Jul 24 13:14:25 fortinac radiusd[16976]: Unable to check file "/etc/raddb/certs/ca_radsec.pem": No such file or directory
Jul 24 13:14:25 fortinac radiusd[16976]: /etc/raddb/radiusd.conf[439]: Failed parsing configuration item "ca_file"
Jul 24 13:14:25 fortinac systemd[1]: radiusd.service: Control process exited, code=exited, status=1/FAILURE
-- An ExecStartPre= process belonging to unit radiusd.service has exited.
Jul 24 13:14:25 fortinac-gr-01 systemd[1]: radiusd.service: Failed with result 'exit-code'.
-- The unit radiusd.service has entered the 'failed' state with result 'exit-code'.
-- Subject: A start job for unit radiusd.service has failed
-- A start job for unit radiusd.service has finished with a failure.
Jul 24 13:14:25 fortinac systemd[1]: Started /bin/journalctl -xe -n 100 --no-pager -u radiusd.service.
[End Full Journal Excerpt]

FortiEng_345
FortiEng_345
331
0 Kudos
ebilcari
Staff
Staff
In response to FortiEng_345

Created on ‎07-24-2025 05:14 AM

It appears as a problem with the certificates. Kindly check the certificates in System> Certificate Management for 'Local RADIUS Server (RadSec)' and 'Local RADIUS Server (EAP) [radius]'.
If 'RADIUS over TLS (RadSec)' is enabled try to temporarily disable it and start the service again.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
324
FortiEng_345
New Contributor II

Created on ‎08-05-2025 05:53 AM Edited on ‎08-05-2025 05:54 AM

Hi! 

We test version 7.2.9 and FortiNAC service is working fine. 

Thanks for your replies!


P.S.: I believe Fortinet should have create an analytical Installation Guide with basic use-cases examples. 

Bests, 

FortiEng_345
FortiEng_345
191
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.