06-21-2012 08:39 AM
I am able to authenticate against this specific radius server from several other radius clients . However when I try to authenticate using the ASA5510 I get this message:
ERROR: Authentication Error: Invalid response received from server
When I ran a debug I got this message.
RADIUS packet decode (response)
--------------------------------------
Raw packet data (length = 27).....
02 dc 00 1b 72 06 13 3d 17 ab 45 1f 77 6f 22 38 | ....r..=..E.wo"8
e4 29 f7 d3 1b 07 38 36 34 30 30 | .)....86400
Parsed packet data.....
Radius: Code = 2 (0x02)
Radius: Identifier = 220 (0xDC)
Radius: Length = 27 (0x001B)
Radius: Vector: 7206133D17AB451F776F2238E429F7D3
Radius: Type = 27 (0x1B) Session-Timeout
Radius: Length = 7 (0x07)
Radius: Value (Hex) = 0x38363430
rad_procpkt: ACCEPT
RADIUS_DELETE
remove_req 0xad07a31c session 0x498 id 220
free_rip 0xad07a31c
radius: send queue empty
Can anyone help is there something I am missing on my asa configuration ?
06-21-2012 07:37 PM
It appears that there was a timeout waiting for a response from the Radius server. My first suggestion would be to check the Radius server and verify that it has a correct configuration for your ASA as a client.
HTH
Rick
Sent from Cisco Technical Support iPhone App
06-23-2012 08:22 PM
I would try extending your timeout value under the radius configuration on the ASA.
Jason
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide