Dell PowerConnect W Clearpass 100 Software RADIUS Troubleshooting TechNote - Page 4

Detailed Troubleshooting

Get Dell PowerConnect W Clearpass 100 Software PDF manuals and user guides View all Dell PowerConnect W Clearpass 100 Software manuals
Add to My Manuals
Save this manual to your list of manuals

Page 4 highlights

Tech Note - RADIUS Troubleshooting Version 0.9 Detailed Troubleshooting If deeper troubleshooting is required, you can enable a detailed RADIUS debugger session by clicking on the Debug RADIUS Server button shown in the amigopod screenshot below. When debugging RADIUS problems, the #1 problem to watch out for is incorrect shared secrets. This is almost always the problem when diagnosing a "Login incorrect" message. The following section shows some typical failure scenarios and what you can expect to see in the amigopod RADIUS Debug screens. For completeness, we have tried all 8 combinations of PAP/CHAP authentication, correct password/incorrect password, and correct shared secret/incorrect shared secret. The results are as follows: Correct Password - Correct shared secret - CHAP ==> Access-Accept Correct Password - Correct shared secret - PAP ==> Access-Accept Correct password - Incorrect shared secret - CHAP ==> Access-Accept Correct password - Incorrect shared secret - PAP ==> Access-Reject Login incorrect: [[email protected]] Incorrect password - Correct shared secret - CHAP ==> Access-Reject Login incorrect (rlm_chap: Wrong user password): [[email protected]] Incorrect password - Correct shared secret - PAP ==> Access-Reject Login incorrect: [[email protected]] Incorrect password - Incorrect shared secret - CHAP ==> Access-Reject Login incorrect (rlm_chap: Wrong user password): [[email protected]] Incorrect password - Incorrect shared secret - PAP ==> Access-Reject Login incorrect: [[email protected]] CONFIDENTIAL 4

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
Tech Note – RADIUS Troubleshooting
Version 0.9
CONFIDENTIAL
4
Detailed Troubleshooting
If deeper troubleshooting is required, you can enable a detailed RADIUS debugger session
by clicking on the
Debug RADIUS Server
button shown in the amigopod screenshot below.
When debugging RADIUS problems, the #1 problem to watch out for is
incorrect shared
secrets
.
This is almost always the problem when diagnosing a "Login incorrect" message.
The following section shows some typical failure scenarios and what you can expect to see
in the amigopod RADIUS Debug screens.
For completeness, we have tried all 8 combinations of PAP/CHAP authentication, correct
password/incorrect password, and correct shared secret/incorrect shared secret.
The results are as follows:
Correct Password - Correct shared secret - CHAP ==> Access-Accept
Correct Password - Correct shared secret - PAP ==> Access-Accept
Correct password - Incorrect shared secret - CHAP ==> Access-Accept
Correct password - Incorrect shared secret - PAP ==> Access-Reject
Login incorrect:
Incorrect password - Correct shared secret - CHAP ==> Access-Reject
Login incorrect
(rlm_chap: Wrong user password): [[email protected]]
Incorrect password - Correct shared secret - PAP ==> Access-Reject
Login incorrect:
Incorrect password - Incorrect shared secret - CHAP ==> Access-Reject
Login incorrect
(rlm_chap: Wrong user password): [[email protected]]
Incorrect password - Incorrect shared secret - PAP ==> Access-Reject
Login incorrect: