Router – Juniper MX Radius server configuration: No authentication-server list configured

authenticationjuniper-mxradiusrouter

On an MX router I have configured a DHCP server and radius server authentication. Unfortunately, it is not working yet. On another MX router I have configured the same configuration and that it working fine.

See the logs below from the authlog log. It sees a request coming in and setting up the radius access request. But when it wants to send the request to the radius server it says that no authentication server is configured. Which is weird because, I have configured it right here under 'access':

radius-server {
    xx.xx.xx.xx {
        secret "secret"; ## SECRET-DATA
        source-address yy.yy.yy.yy;
    }
}


Mar  2 15:36:55.368548 radius-access-request: User-Name added: core-nkh-03.xe-0/0/3:1035
Mar  2 15:36:55.368616 radius-access-request: Service-Type added: 2
Mar  2 15:36:55.368675 radius-access-request: Chargeable-User-Identity added:
Mar  2 15:36:55.368729 radius-access-request: Acct-Session-Id added:   1039
Mar  2 15:36:55.368829 radius-access-request: DHCP-Options (Juniper-ERX-VSA) added: 35 01 01 etc
Mar  2 15:36:55.368892 radius-access-request: DHCP-MAC-Address (Juniper-ERX-VSA) added: 906c.acd1.acfb
Mar  2 15:36:55.368946 radius-access-request: NAS-Identifier added: core-nkh-03
Mar  2 15:36:55.369000 radius-access-request: NAS-Port added: 00 c0 04 0b
Mar  2 15:36:55.369046 radius-access-request: NAS-Port-Id added: xe-0/0/3.1073742606:1035
Mar  2 15:36:55.369096 radius-access-request: NAS-Port-Type added: 15
Mar  2 15:36:55.369155 authd_create_application_specific_radius_server: No authentication-server list configured
Mar  2 15:36:55.369198 authd_auth_module_start: result = 4 start_auth; state = 0
Mar  2 15:36:55.369237 authd_auth_module_start: Error in calling the start_auth
Mar  2 15:36:55.369278 REQUEST: AUTHEN - module_index 0 module(radius) return: SERVER
Mar  2 15:36:55.369330 Framework: auth result is 12. Performing post-auth operations
Mar  2 15:36:55.369370 Framework: result is 12.
Mar  2 15:36:55.369412 authd_auth_send_answer: conn=2c3d000, reply-code=3 (TIMEOUT), result-subopcode=12 (ACCESS_TIMEOUT), sub-id=1039, cookie=65795, rply_len=28, num_tlv_blocks=0
Mar  2 15:36:55.369480 Delete session: 1039
Mar  2 15:36:55.369523 Begin to logout Subscriber
Mar  2 15:36:55.369606 Removing client snapshot

So, what am i missing here?

<—–>

@Jordan

show configuration access 
radius-server {
    10.10.10.18 {
        secret "$9$secret"; ## SECRET-DATA
        source-address 10.10.10.10;
    }
}
domain-name-server-inet {
    10.10.10.18
    10.10.10.19;
}
profile local-kpn {
    accounting-order radius;
    authentication-order radius;
    accounting {
        order radius;
    }
}
address-assignment {
    pool local-kpn {
        family inet {
            network 20.20.20.0/25;
            dhcp-attributes {
                maximum-lease-time 3600;
                router {
                    20.20.20.1;
                }
            }
        }
    }
}

show configuration access-profile 
    local-kpn;

Looks good to me right?

Best Answer

Mar 2 15:36:55.369155 authd_create_application_specific_radius_server: No authentication-server list configured

It seems you missed radius server in "profile local-kpn". Try following configuration :

profile local-kpn {  
    accounting-order radius;  
    authentication-order radius;  
    radius {  
        authentication-server 10.10.10.18;  
        accounting-server 10.10.10.18;  
    }      
    accounting {  
        order radius;  
    }  
}
Related Topic