cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1036
Views
0
Helpful
3
Replies
Paul Gaydos
Beginner

Configuring WAAS for RADIUS and NPS on Windows Server 2012

I am having difficulties getting our WAAS devices to authenticate and login via RADIUS.  Running NPS on Windows Server 2012.  Confirmed that my WAAS appliance can ping the RADIUS server IP address.  Using the Service-Type Attribute of Administrative under Network Policies.  Looking in Event Viewer, I am receiving an error with Event ID 15, "A malformed RADIUS message was received from client xxxx-WAAS-01. The data is the RADIUS message." 

Right now, I can login with only the local default username/password.  Here is some config from the WAAS, running version 6.2.1:

radius-server key ****
radius-server host 10.194.10.13 auth-port 1645
!
authentication login local enable secondary
authentication login radius enable primary
authentication configuration local enable secondary
authentication configuration radius enable primary
authentication fail-over server-unreachable

I confirmed that my shared key is entered correctly on both the WAAS and NPS.  I have Cisco routers/switches running fine off of this same RADIUS server.

Has anyone had any luck connecting their WAAS devices up to RADIUS using Windows Server 2012 and NPS?  If so, please share any extra steps you took to get things to work.

1 ACCEPTED SOLUTION

Accepted Solutions
Craig Meyer
Beginner

Hi Paul,

Based on the RADIUS error you are likely encountering defect CSCva14731. This was first discovered with Cisco ACS, but may impact other RADIUS servers.

To confirm, you can check for corresponding error in WAAS syslog:

authenticate: %WAAS-UNKNOWN-3-899999: pam_radius_auth: talk_radius: RADIUS server <IP:port> failed to respond(time out 5(sec))

Also this defect would not impact devices on WAAS 5.x software.

The issue will be fixed in upcoming 6.2.3 release.

View solution in original post

3 REPLIES 3
Craig Meyer
Beginner

Hi Paul,

Based on the RADIUS error you are likely encountering defect CSCva14731. This was first discovered with Cisco ACS, but may impact other RADIUS servers.

To confirm, you can check for corresponding error in WAAS syslog:

authenticate: %WAAS-UNKNOWN-3-899999: pam_radius_auth: talk_radius: RADIUS server <IP:port> failed to respond(time out 5(sec))

Also this defect would not impact devices on WAAS 5.x software.

The issue will be fixed in upcoming 6.2.3 release.

View solution in original post

Thanks for the response.  That was the issue.  RADIUS does not work with WAAS version 6.2.1.  I have one WAAS still on version 5.5.7, configured that for RADIUS, and had no trouble logging in with my RADIUS credentials.

Do you know when version 6.2.3 is anticipated to be released?

Hi Paul,

Current estimated timeframe is late July, early August.

Content for Community-Ad