Troubleshooting Radius; Radius Authentication Failure; Radius Packet Delivery Failure - HPE FlexNetwork 5510 HI Series Security Configuration Manual

Verifying the configuration
# Initiate an SSH connection to the switch, and enter the username aaa@bbb and password
ldap!123456. The user logs in to the switch. (Details not shown.)
# Verify that the user can use the commands permitted by the network-operator user role. (Details
not shown.)

Troubleshooting RADIUS

RADIUS authentication failure

Symptom
User authentication always fails.
Analysis
Possible reasons include:
•
A communication failure exists between the NAS and the RADIUS server.
•
The username is not in the userid@isp-name format, or the ISP domain is not correctly
configured on the NAS.
•
The user is not configured on the RADIUS server.
•
The password entered by the user is incorrect.
•
The RADIUS server and the NAS are configured with different shared keys.
Solution
To resolve the problem:
1. Verify the following items:
The NAS and the RADIUS server can ping each other.

The username is in the userid@isp-name format and the ISP domain is correctly configured

on the NAS.
The user is configured on the RADIUS server.

The correct password is entered.

The same shared key is configured on both the RADIUS server and the NAS.

2. If the problem persists, contact Hewlett Packard Enterprise Support.

RADIUS packet delivery failure

Symptom
RADIUS packets cannot reach the RADIUS server.
Analysis
Possible reasons include:
•
A communication failure exists between the NAS and the RADIUS server.
•
The NAS is not configured with the IP address of the RADIUS server.
•
The authentication and accounting UDP ports configured on the NAS are incorrect.
•
The RADIUS server's authentication and accounting port numbers are being used by other
applications.
61