[RADIATOR] What do these error messages indicate ?
Hugh Irvine
hugh at open.com.au
Fri Aug 27 17:46:48 CDT 2010
Hello Neil -
In this case what is usually happening is the target RADIUS server is slow to respond, your RADIUS server sends a retransmission, the first reply comes back from the target which is processed normally, then finally the reply to the retransmission comes back and it is marked as "unknown reply" because the previous reply has already been processed.
The "Bad authenticator" indicates an incorrect shared secret.
regards
Hugh
On 27 Aug 2010, at 23:56, Johnson, Neil M wrote:
>
> The messages appear only when the server is under high load. I'm investigating with the upstream radius server vendor.
>
> Thanks.
>
> -Neil
>
> --
> Neil Johnson
> Network Engineer
> Information Technology Services
> The University of Iowa
> Work: 319 384-0938
> Mobile: 319 540-2081
> Fax: 319 355-2618
> E-mail: neil-johnson at uiowa.edu
>
> -----Original Message-----
> From: Hugh Irvine [mailto:hugh at open.com.au]
> Sent: Thursday, August 26, 2010 8:20 PM
> To: Johnson, Neil M
> Cc: radiator at open.com.au
> Subject: Re: [RADIATOR] What do these error messages indicate ?
>
>
> Hello Neil -
>
> You have an incorrect shared secret for a client device and/or proxy RADIUS target.
>
> regards
>
> Hugh
>
>
> On 27 Aug 2010, at 11:04, Johnson, Neil M wrote:
>
>> I've just begun getting tools of these error messages in my log files. What does it mean ?
>>
>> Thu Aug 26 18:20:05 2010: WARNING: Unknown reply received in AuthRADIUS for request 145 from 128.255.6.157:1813
>> Thu Aug 26 18:20:05 2010: WARNING: Bad authenticator received in reply to ID 149. Reply is ignored
>> Thu Aug 26 18:20:05 2010: WARNING: Unknown reply received in AuthRADIUS for request 170 from 128.255.6.157:1813
>> Thu Aug 26 18:20:05 2010: WARNING: Bad authenticator received in reply to ID 150. Reply is ignored
>> Thu Aug 26 18:20:05 2010: WARNING: Unknown reply received in AuthRADIUS for request 229 from 128.255.6.157:1813
>> Thu Aug 26 18:20:05 2010: WARNING: Bad authenticator received in reply to ID 156. Reply is ignored
>>
>> Thanks.
>>
>> -Neil
>>
>> --
>> Neil Johnson
>> Network Engineer
>> Information Technology Services
>> The University of Iowa
>> Work: 319 384-0938
>> Mobile: 319 540-2081
>> Fax: 319 355-2618
>> E-mail: neil-johnson at uiowa.edu
>>
>> _______________________________________________
>> radiator mailing list
>> radiator at open.com.au
>> http://www.open.com.au/mailman/listinfo/radiator
>
>
>
> NB:
>
> Have you read the reference manual ("doc/ref.html")?
> Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
> Have you had a quick look on Google (www.google.com)?
> Have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. Available on *NIX, *BSD, Windows, MacOS X.
> Includes support for reliable RADIUS transport (RadSec),
> and DIAMETER translation agent.
> -
> Nets: internetwork inventory and management - graphical, extensible,
> flexible with hardware, software, platform and database independence.
> -
> CATool: Private Certificate Authority for Unix and Unix-like systems.
>
>
>
NB:
Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
More information about the radiator
mailing list