The Windows 2008 Radius NPS Server is not communicating with the Lan Enforcer

Article:TECH172241  |  Created: 2011-10-19  |  Updated: 2012-03-23  |  Article URL http://www.symantec.com/docs/TECH172241
Article Type
Technical Solution


Issue



The Windows 2008 Radius NPS Server is not communicating with the Lan Enforcer


Error



The packet capture on the Lan Enforcer shows that the Lan  Enforcer is sending a Radius packet to the Radius server, but the Radius server is not replying.


Environment



Windows 2003 IAS  Radius Server

Windows 2008 NPS  Radius Server


Cause



The System  Event logs on the Radius Server has the message "A  RADIUS  message was received from the invalid RADIUS  client IP  address of 10.x.x.x.


Solution



This message usually means that the client at IP address 10.x.x.x is not authorized to communciate with the Radius Sever. Make sure that the devices the Radius Server is required to communicate with are configured on the Radius Sever.

In this particular case, during the initial testing without the Lan  Enforcer, the Radius Server was configured to only communicate with the Authenticator (Switch). After the Lan Enforcer was added back in, the Radius Server was not configured to communicate with the Lan Enforcer.




Article URL http://www.symantec.com/docs/TECH172241


Terms of use for this information are found in Legal Notices