Hugh, After communicating with the other RADIUS server vendor, I enabled "UseExtendedIds". The other RADIUS server was seeing different transactions as duplicates based on Packet ID's. Enabling Extended Id's seems to have resolve the issue.
-Neil -- Neil Johnson Network Engineer Information Technology Services The University of Iowa Work: 319 384-0938 Mobile: 319 540-2081 Fax: 319 355-2618 E-mail: neil-john...@uiowa.edu -----Original Message----- From: Hugh Irvine [mailto:h...@open.com.au] Sent: Friday, August 27, 2010 5:47 PM To: Johnson, Neil M Cc: radiator@open.com.au Subject: Re: [RADIATOR] What do these error messages indicate ? Hello Neil - In this case what is usually happening is the target RADIUS server is slow to respond, your RADIUS server sends a retransmission, the first reply comes back from the target which is processed normally, then finally the reply to the retransmission comes back and it is marked as "unknown reply" because the previous reply has already been processed. The "Bad authenticator" indicates an incorrect shared secret. regards Hugh On 27 Aug 2010, at 23:56, Johnson, Neil M wrote: > > The messages appear only when the server is under high load. I'm > investigating with the upstream radius server vendor. > > Thanks. > > -Neil > > -- > Neil Johnson > Network Engineer > Information Technology Services > The University of Iowa > Work: 319 384-0938 > Mobile: 319 540-2081 > Fax: 319 355-2618 > E-mail: neil-john...@uiowa.edu > > -----Original Message----- > From: Hugh Irvine [mailto:h...@open.com.au] > Sent: Thursday, August 26, 2010 8:20 PM > To: Johnson, Neil M > Cc: radiator@open.com.au > Subject: Re: [RADIATOR] What do these error messages indicate ? > > > Hello Neil - > > You have an incorrect shared secret for a client device and/or proxy RADIUS > target. > > regards > > Hugh > > > On 27 Aug 2010, at 11:04, Johnson, Neil M wrote: > >> I've just begun getting tools of these error messages in my log files. What >> does it mean ? >> >> Thu Aug 26 18:20:05 2010: WARNING: Unknown reply received in AuthRADIUS for >> request 145 from 128.255.6.157:1813 >> Thu Aug 26 18:20:05 2010: WARNING: Bad authenticator received in reply to ID >> 149. Reply is ignored >> Thu Aug 26 18:20:05 2010: WARNING: Unknown reply received in AuthRADIUS for >> request 170 from 128.255.6.157:1813 >> Thu Aug 26 18:20:05 2010: WARNING: Bad authenticator received in reply to ID >> 150. Reply is ignored >> Thu Aug 26 18:20:05 2010: WARNING: Unknown reply received in AuthRADIUS for >> request 229 from 128.255.6.157:1813 >> Thu Aug 26 18:20:05 2010: WARNING: Bad authenticator received in reply to ID >> 156. Reply is ignored >> >> Thanks. >> >> -Neil >> >> -- >> Neil Johnson >> Network Engineer >> Information Technology Services >> The University of Iowa >> Work: 319 384-0938 >> Mobile: 319 540-2081 >> Fax: 319 355-2618 >> E-mail: neil-john...@uiowa.edu >> >> _______________________________________________ >> radiator mailing list >> radiator@open.com.au >> http://www.open.com.au/mailman/listinfo/radiator > > > > NB: > > Have you read the reference manual ("doc/ref.html")? > Have you searched the mailing list archive > (www.open.com.au/archives/radiator)? > Have you had a quick look on Google (www.google.com)? > Have you included a copy of your configuration file (no secrets), > together with a trace 4 debug showing what is happening? > > -- > Radiator: the most portable, flexible and configurable RADIUS server > anywhere. Available on *NIX, *BSD, Windows, MacOS X. > Includes support for reliable RADIUS transport (RadSec), > and DIAMETER translation agent. > - > Nets: internetwork inventory and management - graphical, extensible, > flexible with hardware, software, platform and database independence. > - > CATool: Private Certificate Authority for Unix and Unix-like systems. > > > NB: Have you read the reference manual ("doc/ref.html")? Have you searched the mailing list archive (www.open.com.au/archives/radiator)? Have you had a quick look on Google (www.google.com)? Have you included a copy of your configuration file (no secrets), together with a trace 4 debug showing what is happening? -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows, MacOS X. Includes support for reliable RADIUS transport (RadSec), and DIAMETER translation agent. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. - CATool: Private Certificate Authority for Unix and Unix-like systems. _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
