Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
347
Views
0
Helpful
3
Replies

Test Radius send request with wrong port

oscardenizjensen
Level 1
Level 1

‎07-02-2024 07:03 AM - edited ‎07-02-2024 07:04 AM

Hej
We are testing BNG on ASR9903 (7.11.1). We setup a radius server and want to do a test for a user, but when I do the test radius command I see it uses a different port (1645-1646) instead of the configured ports 1812-1813. 

Do you guys know what causes this?

radius source-interface Loopback0 vrf default
radius-server vsa attribute ignore unknown
radius-server host 192.168.66.1 auth-port 1812 acct-port 1813
!
aaa group server radius RADIUS-TEST
server 192.168.66.1 auth-port 1812 acct-port 1813
!
aaa authentication subscriber default group RADIUS-TEST

 

LOGS

RP/0/RP0/CPU0:pe2.koeb3.dk(config)#do test radius authen group TEST-RADIUS username 999@TEST.com password cisco123
Tue Jul 2 16:04:41.664 CEST

Sending access request for user "999@TEST.com" and password "cisco123" to server-group "TEST-RADIUS
"RP/0/RP0/CPU0:Jul 2 16:04:46.773 CEST: radiusd[1188]: Received request [handle 0x66141068] with server-group : default
RP/0/RP0/CPU0:Jul 2 16:04:46.773 CEST: radiusd[1188]: Attribute List: 0x5643bbfc7de0
RP/0/RP0/CPU0:Jul 2 16:04:46.773 CEST: radiusd[1188]: 1: username len= 14 999@nuuday.com
RP/0/RP0/CPU0:Jul 2 16:04:46.773 CEST: radiusd[1188]: 2: password len= 9 <opaque value>
RP/0/RP0/CPU0:pe2.koeb3.dk(config)#RP/0/RP0/CPU0:Jul 2 16:04:46.773 CEST: radiusd[1188]: 3: Preferred Server Authentication Port len= 4 1645(66d)
RP/0/RP0/CPU0:Jul 2 16:04:46.773 CEST: radiusd[1188]: 4: Preferred Server Accounting Port len= 4 1646(66e)
RP/0/RP0/CPU0:Jul 2 16:04:46.773 CEST: radiusd[1188]: 5: Preferred Server IPv6 Address len= 16 ff::a
RP/0/RP0/CPU0:Jul 2 16:04:46.773 CEST: radiusd[1188]: Authentication request
RP/0/RP0/CPU0:Jul 2 16:04:46.774 CEST: radiusd[1188]: Trying to find the first radius server to use.
RP/0/RP0/CPU0:Jul 2 16:04:46.774 CEST: radiusd[1188]: Created transaction_id (59000011) for server group 33000000
RP/0/RP0/CPU0:Jul 2 16:04:46.774 CEST: radiusd[1188]: enable_eap_preferred_server check : app id : 3 [nas] 0
RP/0/RP0/CPU0:Jul 2 16:04:46.774 CEST: radiusd[1188]: enable_eap_preferred_server check
RP/0/RP0/CPU0:Jul 2 16:04:46.774 CEST: radiusd[1188]: Error while getting authentication type

Labels:
0 Helpful
3 Replies 3

MHM Cisco World
VIP
VIP

‎07-02-2024 07:13 AM

in test command you need to specify port or override it, again this what we do in IOS XE 

MHM

0 Helpful

oscardenizjensen
Level 1
Level 1
In response to MHM Cisco World

‎07-03-2024 01:26 AM

I do not think the command exists in XR. I used ? all the way through after each line but never given the option for entering/overriding the test port

0 Helpful

Georg Pauwen
VIP
VIP
In response to oscardenizjensen

‎07-03-2024 08:16 AM - edited ‎07-04-2024 06:50 AM

Hello,

I understand you are using BNG ? What if you use 'diameter' (aaa group server diameter) ?

PS: In addition, which RADIUS server (and version) are you using ?

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card