Radius User Will Drop and Not Be Able to Connect Again

Issues when use Radius Server for authentication

10/14/2021 280 People found this article helpful 108,703 Views

Description

Troubleshooting issues with Radius Server for hallmark for users. This commodity aims to show you how to use the Radius testing tool to troubleshoot the Radius configuration issues.

Resolution

Resolution for SonicOS half dozen.five

This release includes meaning user interface changes and many new features that are different from the SonicOS half dozen.2 and earlier firmware. The below resolution is for customers using SonicOS six.5 firmware.

The RADIUS Server troubleshooting can be done by navigating toManage | System Setup | Users | Settings | Configure Radius and from the Test tab. As can be seen, information technology offers ane to examination.

• basicconnectivity with the RADIUS server (due east.g,UDP 1812).
• authenticate a user by LDAPusername andpassword.

This commodity discusses the troubleshooting for the mutual errors one receives in theExamination .

Radius Server Timeout Error

SonicWall firewall communicates with the RADIUS server usingUDP 1812, unless 1 has configured the RADIUS server with custom ports. Basic steps in troubleshootingServer timeoutinvolve verifying the connexion parameters as summarized below.

1.  Verify IP address of RADIUS host and port numberson the SonicWall firewall by navigating toManage | System Setup | Users | Settings | Configure Radius.
   
2. Verify the IP address  of the SonicWall firewall, the RADIUS Client , and port numbers for communication equally configured on the RADIUS server.
3. Following are examples shown from a Microsoft Network Policy Server (NPS), which is a server part that has been fix upward on Windows server2012R2 lab. The NPS control panel on a Windows server can exist accessed in one of the three options as summarized below. Windows Key+R  and nps.msc,Administrative Tools in  Control Consoleor  server Tools  on the  Server Manager.
4. The near common cause ofServer Time out orCommunication errors may be related to improper port numbers and/or IP address of the SonicWall firewall. The port number information can be reviewed by right-click and selecting Backdrop. As  summarized below, the authentication must match with the port number configured on the firewall, e.chiliad.,1812 (UDP).

   

5. The IP address of the SonicWall firewall can be reviewed from the Properties of the RADIUS client. The IP address must match with that of the firewall (Instance:192.168.168.168). While you are in this window, it is a good thought too to bank check theShared secret. This is used for encrypting communication between the RADIUS server and Client.

RADIUS communication error

Please review theShared Hugger-mugger as configured on the firewall and on the RADIUS server as explained higher up.

RADIUS Client Authentication Failed

1. The first footstep to troubleshoot the client hallmark is to test the LDAP server for the credentials. The next step is to review the Network Policy used, eastward.,grand., pluto-vpn  in the following case. Information technology is a good idea to utilise a Client Friendly Proper name  in theConditions tab. The name used hither matches that configured for the RADIUS Client, east.g., SonicWall.
2. The following diagram compiles the outcomes of troubleshooting that was based on the in a higher place discussion.
   

How to examination

1. When everything above configured correctly, you can do the test once more. The result should be successful.
   

Resolution for SonicOS 6.2 and Below

The below resolution is for customers using SonicOS six.2 and earlier firmware. For firewalls that are generation half dozen and newer we suggest to upgrade to the latest general release of SonicOS six.5 firmware.

NOTE: In this scenario, 192.168.136.168 equally Radius Customer has been added on the Radius server 192.168.136.66.

When doing troubleshooting, navigate to Users | Settings page. Y'all can use Radius testing tool here.

1. Navigate toConfigure Radius|Settings | Input the IP Address, Shared Hugger-mugger and Port Number of your Radius server.
   |
2. Click tab Test, Input User name , Password and Authentication blazon | Click Test.

Server Response: Server Timeout Error

1. On SonicWall, please double check the IP Address, Port number of your Radius server.
   
2. On Radius server (Windows 2008 NPS), please check the default Ports and Radius Customer settings and likewise ensure the Radius server is available on the firewall.
3. Yous can click Right Click NPS | Select  Properties | Click tab Ports to check the authentication port.
   
4. Click RADIUS Clients and Servers | RADIUS Clients to check the client  setting. 192.168.136.168 ( X3 interface IP accost of SonicWall) is correct.

Server Response RADIUS Communication Error

1. Please cheque Shared Secret  settings.
   

Server Response Radius Client Hallmark Failed

1. Your User proper noun, Password is not correct, or authentication methods is non enabled in the Network Policy on your Radius server.

How to test

1. When everything to a higher place configured correctly, yous tin do the test again. The upshot should be successful.

Related Manufactures

• Global VPN Client slowing down the internet speed
• App Control fails by schema mistake when editing VPN category
• Custom Geo-IP list to exclude a website from Geo-IP filter

Categories

• Firewalls > TZ Series > User Login
• Firewalls > NSa Series > User Login
• Firewalls > NSv Series > User Login

---

Was This Commodity Helpful?

YepNO

Article Helpful Form

• How may nosotros assist you?
• SolutionID

Article Not Helpful Form

• How may nosotros assist you lot?
• SolutionID

solomonleold1941.blogspot.com

Source: https://www.sonicwall.com/support/knowledge-base/issues-when-use-radius-server-for-authentication/170505303705088/