Massive Syslog Messages for RADIUS Accounting

  • 0
  • 1
  • Question
  • Updated 3 years ago
  • Doesn't Need an Answer

Hi there,


we discovered some Switches are sending  "RADIUS Accounting Errors" to our NetSight. They are look pretty much like this:

AAA[13]RADIUS Attempted the configured number of retries (3) to accounting server #2 without a server response for 00-XX-XX-XX-XX-XX (username '00-XX-XX-XX-XX-XX') on port tg.13.3

The most messages are from our bonded S8-Chassis, which obviously got the most users connected.

The Server "number" varies as well as the ports, but all of our 5 NAC Gateways are up and running... and we don't see other errors on the network.

The switch sends about 20-30 Messages every few minutes.


Does anyone know what this Messages could cause or exactly mean?


Thanks in advance,

Martin


This is our RADIUS Config:

# radius
set radius enable
set radius timeout 10
set radius server 1 10.233.23.21 1812 :secret:
set radius max-sessions 6000 1
set radius server 2 10.233.23.22 1812 :secret:
set radius max-sessions 4500 2
set radius server 3 10.233.23.23 1812 :secret:
set radius max-sessions 4500 3
set radius server 4 10.233.23.24 1812 :secret:
set radius max-sessions 6000 4
set radius algorithm round-robin
set radius accounting enable
set radius accounting server 1 10.233.23.21 1813 :secret:
set radius accounting retries 3 1
set radius accounting timeout 10 1
set radius accounting server 2 10.233.23.22 1813 :secret:
set radius accounting retries 3 2
set radius accounting timeout 10 2
set radius accounting server 3 10.233.23.23 1813 :secret:
set radius accounting retries 3 3
set radius accounting timeout 10 3
set radius accounting server 4 10.233.23.24 1813 :secret:
set radius accounting retries 3 4
set radius accounting timeout 10 4







Photo of MartinS

MartinS

  • 430 Points 250 badge 2x thumb

Posted 3 years ago

  • 0
  • 1
Photo of Ronald Dvorak

Ronald Dvorak, Embassador

  • 49,972 Points 20k badge 2x thumb
I'm not an expert on RADIUS accounting but could you check whether it's it enabled on the NACs ?