Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2551
Views
0
Helpful
2
Replies

Radius Timed out 1841

Go to solution
andre18073
Level 1
Level 1

‎04-27-2020 09:18 AM

I'm struggling to get the router to retrieve user data from AD DS. I get pinged both ways, and have checked that the gates in the firewall on 1812,1813 1645,1646 are open. but only get a timed out .. Anyone have any suggestions?

 

*Apr 27 15:05:21.687: AAA/BIND(00000014): Bind i/f
*Apr 27 15:05:21.687: AAA/ACCT/EVENT/(00000014): CALL START
*Apr 27 15:05:21.687: Getting session id for NET(00000014) : db=6836F510
*Apr 27 15:05:21.687: AAA/ACCT(00000000): add node, session 8
*Apr 27 15:05:21.687: AAA/ACCT/NET(00000014): add, count 1
*Apr 27 15:05:21.687: Getting session id for NONE(00000014) : db=6836F510
*Apr 27 15:05:21.687: AAA/AUTHEN/LOGIN (00000014): Pick method list 'default'
*Apr 27 15:05:21.687: RADIUS/ENCODE(00000014): ask "Password: "
*Apr 27 15:05:21.687: RADIUS/ENCODE(00000014): send packet; GET_PASSWORD
IT-T-R1(config)#
*Apr 27 15:05:25.827: RADIUS/ENCODE(00000014):Orig. component type = Exec
*Apr 27 15:05:25.827: RADIUS(00000014): Config NAS IP: 0.0.0.0
*Apr 27 15:05:25.827: RADIUS(00000014): Config NAS IPv6: ::
*Apr 27 15:05:25.827: Getting session id for EXEC(00000014) : db=6836F510
*Apr 27 15:05:25.827: RADIUS/ENCODE(00000014): acct_session_id: 8
*Apr 27 15:05:25.827: RADIUS(00000014): sending
*Apr 27 15:05:25.831: RADIUS/ENCODE: Best Local IP-Address 172.16.0.200 for Radius-Server 172.16.0.5
*Apr 27 15:05:25.831: RADIUS(00000014): Send Access-Request to 172.16.0.5:1645 id 1645/11, len 81
*Apr 27 15:05:25.831: RADIUS: authenticator CB 4D 2B 5E C6 EC DB F9 - 5D C7 5D 69 88 D1 F3 FA
*Apr 27 15:05:25.831: RADIUS: User-Name [1] 11 "useradmin"
*Apr 27 15:05:25.831: RADIUS: User-Password [2] 18 *
*Apr 27 15:05:25.831: RADIUS: NAS-Port [5] 6 194
*Apr 27 15:05:25.831: RADIUS: NAS-Port-Id [87] 8 "tty194"
*Apr 27 15:05:25.831: RADIUS: NAS-Port-Type [61] 6 Async [0]
*Apr 27 15:05:25.831: RADIUS: Service-Type [6] 6 Login [1]
*Apr 27 15:05:25.831: RADIUS: NAS-IP-Address [4] 6 172.16.0.200
*Apr 27 15:05:25.831: RADIUS(00000014): Sending a IPv4 Radius Packet
IT-T-R1(config)#
*Apr 27 15:05:25.831: RADIUS(00000014): Started 5 sec timeout
IT-T-R1(config)#
*Apr 27 15:05:30.215: RADIUS(00000014): Request timed out
*Apr 27 15:05:30.215: RADIUS: Retransmit to (172.16.0.5:1645,1646) for id 1645/11
*Apr 27 15:05:30.215: RADIUS(00000014): Started 5 sec timeout
IT-T-R1(config)#
*Apr 27 15:05:34.947: RADIUS(00000014): Request timed out
*Apr 27 15:05:34.947: RADIUS: Retransmit to (172.16.0.5:1645,1646) for id 1645/11
*Apr 27 15:05:34.947: RADIUS(00000014): Started 5 sec timeout
IT-T-R1(config)#
*Apr 27 15:05:39.811: RADIUS(00000014): Request timed out
*Apr 27 15:05:39.811: RADIUS: Retransmit to (172.16.0.5:1645,1646) for id 1645/11
*Apr 27 15:05:39.811: RADIUS(00000014): Started 5 sec timeout
IT-T-R1(config)#
*Apr 27 15:05:44.507: RADIUS(00000014): Request timed out
*Apr 27 15:05:44.507: RADIUS: No response from (172.16.0.5:1645,1646) for id 1645/11
*Apr 27 15:05:44.507: RADIUS/DECODE: No response from radius-server; parse response; FAIL
*Apr 27 15:05:44.507: RADIUS/DECODE: Case error(no response/ bad packet/ op decode);parse response; FAIL
IT-T-R1(config)#
*Apr 27 15:05:46.507: AAA/AUTHEN/LOGIN (00000014): Pick method list 'default'
*Apr 27 15:05:46.511: RADIUS/ENCODE(00000014): ask "Password: "
*Apr 27 15:05:46.511: RADIUS/ENCODE(00000014): send packet; GET_PASSWORD
IT-T-R1(config)# RADIUS(00000014): Request timed out
*Apr 27 15:07:48.511: AAA/ACCT/EVENT/(00000014): CALL STOP
*Apr 27 15:07:48.511: AAA/ACCT/CALL STOP(00000014): Sending stop requests
*Apr 27 15:07:48.511: AAA/ACCT(00000014): Send all stops
*Apr 27 15:07:48.511: AAA/ACCT/NET(00000014): STOP
*Apr 27 15:07:48.511: AAA/ACCT/NET(00000014): Method list not found
*Apr 27 15:07:48.511: AAA/ACCT(00000014): del node, session 8
*Apr 27 15:07:48.511: AAA/ACCT/NET(00000014): free_rec, count 0
*Apr 27 15:07:48.511: /AAA/ACCTNET(00000014) reccnt 0, csr TRUE, osr 0
*Apr 27 15:07:48.511: AAA/ACCT/NET(00000014): Last rec in db, intf not enqueued
IT-T-R1(config)# RADIUS(00000014): Request timed out

RADIUS: id 1, priority 1, host 172.16.0.5, auth-port 1812, acct-port 1813
State: current UP, duration 3092s, previous duration 0s
Dead: total time 0s, count 0
Quarantined: No
Authen: request 4, timeouts 4, failover 0, retransmission 3
Response: accept 0, reject 0, challenge 0
Response: unexpected 0, server error 0, incorrect 0, time 0ms
Transaction: success 0, failure 1
Throttled: transaction 0, timeout 0, failure 0
Author: request 0, timeouts 0, failover 0, retransmission 0
Response: accept 0, reject 0, challenge 0
Response: unexpected 0, server error 0, incorrect 0, time 0ms
Transaction: success 0, failure 0
Throttled: transaction 0, timeout 0, failure 0
Account: request 0, timeouts 0, failover 0, retransmission 0
Request: start 0, interim 0, stop 0
Response: start 0, interim 0, stop 0
Response: unexpected 0, server error 0, incorrect 0, time 0ms
Transaction: success 0, failure 0
Throttled: transaction 0, timeout 0, failure 0
Elapsed time since counters last cleared: 51m
Estimated Outstanding Access Transactions: 0
Estimated Outstanding Accounting Transactions: 0
Estimated Throttled Access Transactions: 0
Estimated Throttled Accounting Transactions: 0
Maximum Throttled Transactions: access 0, accounting 0
Requests per minute past 24 hours:
high - 0 hours, 40 minutes ago: 4
low - 0 hours, 51 minutes ago: 0
average: 0

RADIUS: id 2, priority 2, host 172.16.0.30, auth-port 1812, acct-port 1813
State: current UP, duration 3077s, previous duration 0s
Dead: total time 0s, count 0
Quarantined: No
Authen: request 0, timeouts 0, failover 0, retransmission 0
Response: accept 0, reject 0, challenge 0
Response: unexpected 0, server error 0, incorrect 0, time 0ms
Transaction: success 0, failure 0
Throttled: transaction 0, timeout 0, failure 0
Author: request 0, timeouts 0, failover 0, retransmission 0
Response: accept 0, reject 0, challenge 0
Response: unexpected 0, server error 0, incorrect 0, time 0ms
Transaction: success 0, failure 0
Throttled: transaction 0, timeout 0, failure 0
Account: request 0, timeouts 0, failover 0, retransmission 0
Request: start 0, interim 0, stop 0
Response: start 0, interim 0, stop 0
Response: unexpected 0, server error 0, incorrect 0, time 0ms
Transaction: success 0, failure 0
Throttled: transaction 0, timeout 0, failure 0
Elapsed time since counters last cleared: 51m
Estimated Outstanding Access Transactions: 0
Estimated Outstanding Accounting Transactions: 0
Estimated Throttled Access Transactions: 0
Estimated Throttled Accounting Transactions: 0
Maximum Throttled Transactions: access 0, accounting 0
Requests per minute past 24 hours:
high - 0 hours, 51 minutes ago: 0
low - 0 hours, 51 minutes ago: 0
average: 0

RADIUS: id 3, priority 3, host 172.16.0.5, auth-port 1645, acct-port 1646
State: current UP, duration 765s, previous duration 0s
Dead: total time 0s, count 0
Quarantined: No
Authen: request 8, timeouts 8, failover 0, retransmission 6
Response: accept 0, reject 0, challenge 0
Response: unexpected 0, server error 0, incorrect 0, time 0ms
Transaction: success 0, failure 2
Throttled: transaction 0, timeout 0, failure 0
Author: request 0, timeouts 0, failover 0, retransmission 0
Response: accept 0, reject 0, challenge 0
Response: unexpected 0, server error 0, incorrect 0, time 0ms
Transaction: success 0, failure 0
Throttled: transaction 0, timeout 0, failure 0
Account: request 0, timeouts 0, failover 0, retransmission 0
Request: start 0, interim 0, stop 0
Response: start 0, interim 0, stop 0
Response: unexpected 0, server error 0, incorrect 0, time 0ms
Transaction: success 0, failure 0
Throttled: transaction 0, timeout 0, failure 0
Elapsed time since counters last cleared: 12m
Estimated Outstanding Access Transactions: 0
Estimated Outstanding Accounting Transactions: 0
Estimated Throttled Access Transactions: 0
Estimated Throttled Accounting Transactions: 0
Maximum Throttled Transactions: access 0, accounting 0
Requests per minute past 24 hours:
high - 0 hours, 6 minutes ago: 4
low - 0 hours, 13 minutes ago: 0
average: 0

2 people had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
andre18073
Level 1
Level 1
In response to Colby LeMaire

‎04-29-2020 01:06 AM - edited ‎05-01-2020 02:59 AM

Hi again, thanks for the reply, 

i have fixed the problem, there was a bug on the windows server .. if there is anyone else stuck see this on Youtube! : D Svci7HJekTA

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Colby LeMaire
VIP Alumni
VIP Alumni

‎04-27-2020 11:00 AM

It is hard to say what is wrong without seeing the configuration.  But looking at the debugs, it looks like the Radius requests are going out but no response back.  It does look like you might not have the "ip radius source-interface" set so it is using the outgoing interface IP as the source of the request.  So that could be an issue if the firewall was configured to allow a different source IP for 1645/1646.  Also, your Radius source IP should also be added to your Radius server as a network device/Radius client.  If the Radius server doesn't have the network device IP listed, then it doesn't know what shared secret to use and will just ignore the request.  Or if you have a default shared secret configured in your Radius server for all devices, it is possible that the shared secret isn't matching and that would also cause the server to drop/ignore the request.

0 Helpful

Go to solution
andre18073
Level 1
Level 1
In response to Colby LeMaire

‎04-29-2020 01:06 AM - edited ‎05-01-2020 02:59 AM

Hi again, thanks for the reply, 

i have fixed the problem, there was a bug on the windows server .. if there is anyone else stuck see this on Youtube! : D Svci7HJekTA
0 Helpful
Customers Also Viewed These Support Documents