Security

Reply
Highlighted
MVP Expert

ClearPass Error 106 - Still Sending RADIUS Response?

We have an unusual issue with one of our CPPM servers where the RADIUS and Policy services continue running, but I'm receiving Error Code 106:

Error Message:
Internal error in RADIUS server

My question is when the server does not match a service and has this error, does it return a RADIUS reject or do the request normally timeout on the NAS side? This is for Cisco wired 802.1x/MAC Auth. We are looking at our configuration options and need to know if a response is returned or not.

 

Thanks.



Michael Haring
If my answer is helpful, a Kudos is always appreciated!
MVP Guru

Re: ClearPass Error 106 - Still Sending RADIUS Response?

Are you not seeing any authentication failures in access tracker with this error message?

 

Some time we see this error message if their is delay in authenticaton/authorization source radius response. Can you cross check if their is time sync and network delay issue.

 

 

 

Regards,
Pavan
If my post address your queries, give kudos and accept as solution!
NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
MVP Expert

Re: ClearPass Error 106 - Still Sending RADIUS Response?

No delays, after this starts every request from that point forward we receive rejected RADIUS requests with that error code. I've got a TAC case open and restarting the policy service fixes it, but in between this event and us identifying that, we are having a lot of users affected. We want to do some configuration on our switches to help with a failure like this, but depends on if we are receiving a rejected radius response or no radius response.



Michael Haring
If my answer is helpful, a Kudos is always appreciated!
MVP Expert

Re: ClearPass Error 106 - Still Sending RADIUS Response?

I was able to confirm with my TAC engineer that a RADIUS response does not take place because the failure is happening in the beginning stages of the request handling and does not go far enough to process an accept or reject response.

 

Thanks for the help everyone.



Michael Haring
If my answer is helpful, a Kudos is always appreciated!
MVP Guru

Re: ClearPass Error 106 - Still Sending RADIUS Response?

Yes, radius thread handles the request, if radius request coming in and their is no response or delay from authentication source, number of request in queue will increase and certain point thread will run out which result in authentication failure and restart serivce will fix it temperorly for but we need to look in to dealy which causing it.

 

 

Regards,
Pavan
If my post address your queries, give kudos and accept as solution!
NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: