cancel
Showing results for 
Search instead for 
Did you mean: 

Radius logs show success but controller shows error

Radius logs show success but controller shows error

Ty_Kolff
New Contributor II
We just installed two new C5210 controllers for a client. They also currently have two C4110-1 controllers in production. One of the new controllers that was installed is not authenticating via Radius with a Windows 2012 NPS server. The logs on the NPS server show a successfull authentication, however the wireless controller shows an error. When I test the radius server from the WLAN auth section I receive the following error: RADIUS_SHAREDSECRETKEY_DECODE_FAILED

The authentication request does show in the NPS logs with an incorrect user account/password error. So the controller is sending radius requests to the server successfully. If I test the radius server from the Login Maintenance screen using authorized credentials the test returns a "System error" message, while the NPS server shows an authentication success message.

I have removed the WLAN controller as a radius client and then added it back. I have also deleted the radius server from the controller and added it back. The shared secret is entered correctly and it is sending the authentication requests to the radius server correctly, it just doesn't seem that it is receiving a proper response back.

The other new controller is authentication properly as well as the two existing controllers. It is only one controller that is experiencing this issue.

Thank You.
10 REPLIES 10

Jason1
Extreme Employee
Thanks Ty.

Ty_Kolff
New Contributor II
This issue is solved now. There was a Radius Client listed with the same IP address as the controller on the NPS server (apparently there was a previous server with the same IP that is no longer in use). Once I deleted the duplicate radius client, authentication worked perfectly.

Ronald_Dvorak
Honored Contributor
OK so it looks like that the shared secret is correct on both ends.
As I've mentioned I'd check the log to see whether you hit the right connection request / network policy on the NPS.

Ty_Kolff
New Contributor II
When I said "The authentication request does show in the NPS logs with an incorrect user account/password error. " I meant when you are using the 'Test' button on the WLAN Auth & Acct tab. It doesn't allow a username to be entered so it fails in the NPS Logs.

When I test it from the Login Maintenance screen on the radius authentication tab and it allows me to enter a username/password, it will show as a successful authentication in the NPS logs.

Thanks.
GTM-P2G8KFN