On an MX router I have configured a DHCP server and radius server authentication. Unfortunately, it is not working yet. On another MX router I have configured the same configuration and that it working fine.
See the logs below from the authlog log. It sees a request coming in and setting up the radius access request. But when it wants to send the request to the radius server it says that no authentication server is configured. Which is weird because, I have configured it right here under 'access':
radius-server {
xx.xx.xx.xx {
secret "secret"; ## SECRET-DATA
source-address yy.yy.yy.yy;
}
}
Mar 2 15:36:55.368548 radius-access-request: User-Name added: core-nkh-03.xe-0/0/3:1035
Mar 2 15:36:55.368616 radius-access-request: Service-Type added: 2
Mar 2 15:36:55.368675 radius-access-request: Chargeable-User-Identity added:
Mar 2 15:36:55.368729 radius-access-request: Acct-Session-Id added: 1039
Mar 2 15:36:55.368829 radius-access-request: DHCP-Options (Juniper-ERX-VSA) added: 35 01 01 etc
Mar 2 15:36:55.368892 radius-access-request: DHCP-MAC-Address (Juniper-ERX-VSA) added: 906c.acd1.acfb
Mar 2 15:36:55.368946 radius-access-request: NAS-Identifier added: core-nkh-03
Mar 2 15:36:55.369000 radius-access-request: NAS-Port added: 00 c0 04 0b
Mar 2 15:36:55.369046 radius-access-request: NAS-Port-Id added: xe-0/0/3.1073742606:1035
Mar 2 15:36:55.369096 radius-access-request: NAS-Port-Type added: 15
Mar 2 15:36:55.369155 authd_create_application_specific_radius_server: No authentication-server list configured
Mar 2 15:36:55.369198 authd_auth_module_start: result = 4 start_auth; state = 0
Mar 2 15:36:55.369237 authd_auth_module_start: Error in calling the start_auth
Mar 2 15:36:55.369278 REQUEST: AUTHEN - module_index 0 module(radius) return: SERVER
Mar 2 15:36:55.369330 Framework: auth result is 12. Performing post-auth operations
Mar 2 15:36:55.369370 Framework: result is 12.
Mar 2 15:36:55.369412 authd_auth_send_answer: conn=2c3d000, reply-code=3 (TIMEOUT), result-subopcode=12 (ACCESS_TIMEOUT), sub-id=1039, cookie=65795, rply_len=28, num_tlv_blocks=0
Mar 2 15:36:55.369480 Delete session: 1039
Mar 2 15:36:55.369523 Begin to logout Subscriber
Mar 2 15:36:55.369606 Removing client snapshot
So, what am i missing here?
<—–>
@Jordan
show configuration access
radius-server {
10.10.10.18 {
secret "$9$secret"; ## SECRET-DATA
source-address 10.10.10.10;
}
}
domain-name-server-inet {
10.10.10.18
10.10.10.19;
}
profile local-kpn {
accounting-order radius;
authentication-order radius;
accounting {
order radius;
}
}
address-assignment {
pool local-kpn {
family inet {
network 20.20.20.0/25;
dhcp-attributes {
maximum-lease-time 3600;
router {
20.20.20.1;
}
}
}
}
}
show configuration access-profile
local-kpn;
Looks good to me right?
Best Answer
Mar 2 15:36:55.369155 authd_create_application_specific_radius_server: No authentication-server list configured
It seems you missed radius server in "profile local-kpn". Try following configuration :