Environment
Novell NMAS Radius 4.14
Novell NetWare 6.5
Novell BorderManager 3.8
Novell NetWare 6.5
Novell BorderManager 3.8
Situation
This document is intended as a general step-by-step process to
determine what is failing in the RADIUS components.
Resolution
If there are problems getting the RADIUS service to start due to
logging into the DAS (Dial Access System) object in eDirectory,
correct those password errors first. Once the RADIUS service
starts, the administrator is capable of troubleshooting the service
by :
- From the server console, start up the debugging. It is
recommended to start the logging of this information rather than
just the screen logging. Screen logging is done by running
the command :File logging is turned on by :
RADIUS DEBUG ON
The file for logging is stored in the SYS:/ETC/RADIUS/DEBUG/RADDBG.LOG file.RADIUS DEBUGLOG ON
- Refresh the RADIUS cache. This is done by running the
command :
RADIUS REFRESHCACHE - Consult the RADIUS Debug console screen (or the RADDBG.LOG file) for any errors. Before authentication can be guaranteed to operate, the client table must successfully refresh.
- Attempt a connection using the test client, or using the device that has "failed" to operate.
- Wait for the Access-Reject, Access-Accept, or a timeout to occur.
- Consult the RADIUS Debug console screen again (or the RADDBG.LOG file) for errors associated with the authentication attempt, and resolve them (resolution depends on the errors - please consult the knowledge base with the specific errors).