I am trying to authenticate the passive firewall via Radius for management purposes.
In the active firewall I have the same radius server configured with two different secret keys (one for active and one for passive). On my radius server I have two clients. One is the active firewall and the other for the passive.
I can authenticate the active firewall without any issues. However, the passive firewall will not authenticate. I receive an unknown user error.
Is this configuration possible?
Hi there...The passive firewall should authenticate to Radius just like the active firewall. Have you tried swapping the 2 Radius clients such that the passive firewall will authenticate to the active client, and active firewall --> passive client? Also, you may want to check the secret key for typo. Thanks.
Confirm that you have both firewall local ip addresses setup on the RADIUS server.
The configuration is possible.
Check the system log to see if there is a more specific error.
Do a packet capture on the RADIUS server of the failed login to get the full details on the transaction.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!