Wireless Access

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.

Server group user validation skip radius server

  • 1.  Server group user validation skip radius server

    Posted Sep 25, 2014 09:37 AM

    Hi,

    I'm having problems with user validation. I have a controller with an external captive portal and an external RADIUS server for user validation. The thing is that, sometimes, the controller skips my RADIUS server, and clients can't validate correctly.

    I have two servers in my server group: internal, and external RADIUS. As you can see in the next log, users try to validate first against "iWIP-interno" (that's my RADIUS server), and if validation fails they try to validate against the internal database.

    In the next example, you can see how user "salones" just fails to authenticate against the internal database, but I don't see the authentication failure against my RADIUS server:

    Sep 25 11:53:25  authmgr[3634]: <522275> <ERRS> |authmgr|  User Authentication failed. username=Bahfch9E8  userip=172.16.253.93 usermac=xx:xx:xx:81:59:d4 servername=iWIP-interno serverip=192.168.50.147 apname=Recepcion bssid=00:00:00:00:00:00
    Sep 25 11:56:38  authmgr[3634]: <522275> <ERRS> |authmgr|  User Authentication failed. username=Bahfch9E8  userip=172.16.253.93 usermac=xx:xx:xx:81:59:d4 servername=Internal serverip=192.168.1.1 apname=Recepcion bssid=00:00:00:00:00:00
    Sep 25 12:08:07  authmgr[3634]: <522275> <ERRS> |authmgr|  User Authentication failed. username=salones  userip=172.16.253.93 usermac=xx:xx:xx:81:59:d4 servername=Internal serverip=192.168.1.1 apname=Recepcion bssid=00:00:00:00:00:00
    Sep 25 13:01:04  authmgr[3634]: <522275> <ERRS> |authmgr|  User Authentication failed. username=oficina  userip=172.16.253.93 usermac=xx:xx:xx:81:59:d4 servername=iWIP-interno serverip=192.168.50.147 apname=526 bssid=00:00:00:00:00:00
    Sep 25 13:01:04  authmgr[3634]: <522275> <ERRS> |authmgr|  User Authentication failed. username=oficina  userip=172.16.253.93 usermac=xx:xx:xx:81:59:d4 servername=iWIP-interno serverip=192.168.50.147 apname=526 bssid=00:00:00:00:00:00

     

    So, I think that the problem is that, I don't know why, the controller sometimes doesn't check the RADIUS server. I think that I should receive a "timeout" message if controller-to-RADIUS-server communication fails, but that's not the case, so I'm lost with this problem...

    I have XML API logs too, where I can see "authentication failed" messages with a user and password that are correct:

    These are my RADIUS server statistics (iWIP-interno is the one that I'm using):

     

    Server        Acct Rq  Raw Rq  PAP Rq  CHAP Rq  MSCHAP Rq  MSCHAPv2 Rq  Mismatch Rsp  Bad Auth  Acc   Rej   Acct Rsp  Chal  Ukn Rsp  Tmout  AvgRspTm  Tot Rq  Tot Rsp  Rd Err  Outstanding Auths  ExpAuthTm  Uptime  SEQ
    ------        -------  ------  ------  -------  ---------  -----------  ------------  --------  ---   ---   --------  ----  -------  -----  --------  ------  -------  ------  -----------------  ---------  ------  ---
    iWIP          0        0       0       0        0          0            0             0         0     0     0         0     0        0      0         0       0        0       0                  0          1:7:3   0/0
    iWIP-interno  0        0       16018   0        0          0            0             0         7046  8972  0         0     0        3      573       16018   16018    0       1                  244        1:7:3   255/255

     

     

    Any ideas?

    I have controller version 6.4.2.1, model 7210

    Thank you in advance.

    Regards,

     


    #7210
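
The check the first post does by eye can be scripted. This is an added example, not something posted in the thread: it parses the `522275` failure lines quoted above and lists failures against the fallback server that have no failure against the primary server logged for the same user and MAC shortly before. The function names, the 300-second pairing window and the year (syslog lines carry none) are assumptions.

```python
import re
from datetime import datetime, timedelta

# Log lines copied from the first post (MAC addresses were already masked there).
SAMPLE_LOG = """\
Sep 25 11:53:25  authmgr[3634]: <522275> <ERRS> |authmgr|  User Authentication failed. username=Bahfch9E8  userip=172.16.253.93 usermac=xx:xx:xx:81:59:d4 servername=iWIP-interno serverip=192.168.50.147 apname=Recepcion bssid=00:00:00:00:00:00
Sep 25 11:56:38  authmgr[3634]: <522275> <ERRS> |authmgr|  User Authentication failed. username=Bahfch9E8  userip=172.16.253.93 usermac=xx:xx:xx:81:59:d4 servername=Internal serverip=192.168.1.1 apname=Recepcion bssid=00:00:00:00:00:00
Sep 25 12:08:07  authmgr[3634]: <522275> <ERRS> |authmgr|  User Authentication failed. username=salones  userip=172.16.253.93 usermac=xx:xx:xx:81:59:d4 servername=Internal serverip=192.168.1.1 apname=Recepcion bssid=00:00:00:00:00:00
Sep 25 13:01:04  authmgr[3634]: <522275> <ERRS> |authmgr|  User Authentication failed. username=oficina  userip=172.16.253.93 usermac=xx:xx:xx:81:59:d4 servername=iWIP-interno serverip=192.168.50.147 apname=526 bssid=00:00:00:00:00:00
Sep 25 13:01:04  authmgr[3634]: <522275> <ERRS> |authmgr|  User Authentication failed. username=oficina  userip=172.16.253.93 usermac=xx:xx:xx:81:59:d4 servername=iWIP-interno serverip=192.168.50.147 apname=526 bssid=00:00:00:00:00:00
"""

LINE_RE = re.compile(
    r"^\s*(?P<ts>\w{3}\s+\d+\s+\d\d:\d\d:\d\d)\s+authmgr\[\d+\]:\s+<522275>.*?"
    r"username=(?P<user>\S+)\s+userip=(?P<ip>\S+)\s+usermac=(?P<mac>\S+)\s+"
    r"servername=(?P<server>\S+)"
)

def parse_failures(text, year=2014):
    """Yield (time, user, mac, server) for each 522275 auth-failure line."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            # Syslog timestamps carry no year; `year` is an assumption.
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            yield ts, m["user"], m["mac"], m["server"]

def fallback_only_failures(text, primary="iWIP-interno", fallback="Internal", window_s=300):
    """Fallback-server failures with no primary-server failure logged for the
    same user and MAC in the preceding window_s seconds (assumed window)."""
    window = timedelta(seconds=window_s)
    last_primary = {}  # (user, mac) -> time of the latest primary-server failure
    flagged = []
    for ts, user, mac, server in sorted(parse_failures(text)):
        key = (user, mac)
        if server == primary:
            last_primary[key] = ts
        elif server == fallback:
            seen = last_primary.get(key)
            if seen is None or ts - seen > window:
                flagged.append((ts.strftime("%b %d %H:%M:%S"), user))
    return flagged

if __name__ == "__main__":
    for when, user in fallback_only_failures(SAMPLE_LOG):
        print(f"{when} {user}: failed on Internal, no RADIUS failure logged first")
```

A flagged entry only shows that no failure line for the primary server was logged in the window; it does not say why the primary server was not tried.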


  • 2.  RE: Server group user validation skip radius server
    Best Answer

    Posted Sep 30, 2014 06:05 AM

    Hi,

    I made a change in my configuration just to try it, and it has been working fine for five days.

    What I changed in my configuration was the server order in my server group. I know that the system should work both ways, but it seems to work fine now.

    In my server group I had the RADIUS server in first position and the Internal server in second position, and now the first server is the Internal server. I know that this makes no sense, but it is working.

     

    Regards,