Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
safwa
New Contributor III

failed  test connectivity  between fortigate and fortiauthenticator

Hello

 

I have fortiauthenticator  have a version 6.5.2 and fortigate ( client Radius) have a version 7.0.1

 

so my work i want that customer   wireless  authenticated by mail through  fortiauthenticator .

 

So my problem :

 

failed  test connectivity  between fortigate and fortiauthenticator . ??

 

despite  they have same secret and forigate can ping to fortiauthenticator 

 

so please i need a reply and a help from expert fortinet !!

 

thanks in advance

 

16 REPLIES 16
srajeswaran
Staff
Staff

Can you take a pcap on Fortigate/FortiAuthenticator to capture the packets on port 1812 and check if there is any response back from FortiAuthenticator or any errors?

 

Also try re-configuring the secret on both ends to something simple.

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Radius-authentication-troubleshooting/ta-p...

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.

safwa
New Contributor III

Thanks for your reply

 

my question i want  to know which  password in fortigate and fortiauthenticator  !!

 

i configure any password or password  of account ??

 

i wait your reply

 

thanks

 

 

Debbie_FTNT

Set the same secret/passkey in the RADIUS server config on FortiGate, and the RADIUS client configuration on FortiAuthenticator - it's essentially a preshared key like for IPSec or similar.

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++
safwa
New Contributor III

hello

 

i use in fortigate : authentication method default  and without PAP or Chap !!

 

so test connectivity is failed !!

please how i can found the exact problem !! 

 

i wait a reply

thanks

srajeswaran

Doing a pcap can help /

 

Ref: https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Understanding-RADIUS-and-TACACS/ta-p...


Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.

safwa
New Contributor III

I  send all my work in this forum

 

please can you check !!

 

Thanks

srajeswaran

Are you talking about the password in below command? If so, it is the password configured in radius server for the user-id

 

diagnose test authserver radius <radius server_name> <authentication scheme><username> <password>

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.

Debbie_FTNT
Staff
Staff

Hey safwa,

 

in addition RADIUS server configuration on FortiGate, you need the following on FortiAuthenticator:

- allow RADIUS on the interface (under System > Network > Interface)

- RADIUS client entry (FortiGate's IP, plus secret) under Authentication > RADIUS Service > Clients

- RADIUS policy to allow authentication under Authentication > RADIUS Service > Policy

-> set up a simple policy with the configured RADIUS client and local realm to start with, just to test if the connection works

 

If it still fails, check with a packet capture as Suraj suggested.

You can also check the RADIUS debug log in FortiAuthenticator under https://<FortiAuthenticator>/debug.

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++
safwa
New Contributor III

Please i need a help

 

i try all your reply but  still failed test connectivity between fortigate and  FortiAuthenticator radius 

 

but Our goal we want client wireless authenticate with mail through FortiAuthenticator  !!

how i can resole and i try to chek but still failed 

 

i wait areply from expert fortinet

 

thanks

Top Kudoed Authors