failed test connectivity between fortigate and fortiauthenticator

safwa · ‎06-12-2023

Hello

I have fortiauthenticator have a version 6.5.2 and fortigate ( client Radius) have a version 7.0.1

so my work i want that customer wireless authenticated by mail through fortiauthenticator .

So my problem :

failed test connectivity between fortigate and fortiauthenticator . ??

despite they have same secret and forigate can ping to fortiauthenticator

so please i need a reply and a help from expert fortinet !!

thanks in advance

srajeswaran · ‎06-12-2023

Can you take a pcap on Fortigate/FortiAuthenticator to capture the packets on port 1812 and check if there is any response back from FortiAuthenticator or any errors?

Also try re-configuring the secret on both ends to something simple.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Radius-authentication-troubleshooting/ta-p...

Regards,
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.

safwa · ‎06-12-2023

Thanks for your reply

my question i want to know which password in fortigate and fortiauthenticator !!

i configure any password or password of account ??

i wait your reply

thanks

Debbie_FTNT · ‎06-12-2023

Set the same secret/passkey in the RADIUS server config on FortiGate, and the RADIUS client configuration on FortiAuthenticator - it's essentially a preshared key like for IPSec or similar.

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++

safwa · ‎06-12-2023

hello

i use in fortigate : authentication method default and without PAP or Chap !!

so test connectivity is failed !!

please how i can found the exact problem !!

i wait a reply

thanks

srajeswaran · ‎06-12-2023

Doing a pcap can help /

Ref: https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Understanding-RADIUS-and-TACACS/ta-p...

Regards,
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.

safwa · ‎06-12-2023

I send all my work in this forum

please can you check !!

Thanks

srajeswaran · ‎06-12-2023

Are you talking about the password in below command? If so, it is the password configured in radius server for the user-id

diagnose test authserver radius <radius server_name> <authentication scheme><username> <password>

Regards,
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.

Debbie_FTNT · ‎06-12-2023

Hey safwa,

in addition RADIUS server configuration on FortiGate, you need the following on FortiAuthenticator:

- allow RADIUS on the interface (under System > Network > Interface)

- RADIUS client entry (FortiGate's IP, plus secret) under Authentication > RADIUS Service > Clients

- RADIUS policy to allow authentication under Authentication > RADIUS Service > Policy

-> set up a simple policy with the configured RADIUS client and local realm to start with, just to test if the connection works

If it still fails, check with a packet capture as Suraj suggested.

You can also check the RADIUS debug log in FortiAuthenticator under https://<FortiAuthenticator>/debug.

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++

safwa · ‎06-12-2023

Please i need a help

i try all your reply but still failed test connectivity between fortigate and FortiAuthenticator radius

but Our goal we want client wireless authenticate with mail through FortiAuthenticator !!

how i can resole and i try to chek but still failed

i wait areply from expert fortinet

thanks

failed test connectivity between fortigate and fortiauthenticator

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website