
SEPM & RADIUS

Created: 05 Dec 2007 • Updated: 22 May 2010 | 5 comments
Hi,
 
Ever since installing the SEP management console on our server, which also runs RADIUS, I've been getting event log errors:
 
Event Type: Error
Event Source: secars
Event Category: None
Event ID: 4097
Description:
Failed to start Radius Server.The radius port may be used by another process.
Having read through the Symantec forums, it seems that this is a fairly common problem that other people are having. I've read the other posts, and the answer to this problem from Symantec seems to be 'change the port RADIUS is running on'. I can't believe Symantec would create software that uses such a well-known port, which then stops RADIUS/IAS.
 
Why use port 1812, out of 65,000+ other ports available? This is a real pain as it means having to change the RADIUS port, and then reconfiguring our VPN, and all of our Wi-Fi units with the new port!
 
Is it not possible to change the port the SEP Management Console runs on, rather than having to reconfigure all of our other services?
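
An added example, not part of any post in this thread: one way to confirm which process holds UDP 1812 before changing either service, by matching `netstat -ano -p udp` output against `tasklist /fo csv /nh` output. The sample text, PIDs and process names below are constructed for illustration.

```python
"""Find which process owns the RADIUS authentication port (UDP 1812)."""
import csv
import io

RADIUS_AUTH_PORT = 1812  # the port named in the thread

# Constructed sample of `netstat -ano -p udp` output (not from the thread).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  UDP    0.0.0.0:500            *:*                                    712
  UDP    0.0.0.0:1812           *:*                                    1420
  UDP    0.0.0.0:1813           *:*                                    1420
  UDP    192.168.1.10:18120     *:*                                    2044
"""

# Constructed sample of `tasklist /fo csv /nh` output.
SAMPLE_TASKLIST = '''\
"lsass.exe","712","Console","0","9,104 K"
"svchost.exe","1420","Console","0","21,332 K"
"example.exe","2044","Console","0","4,880 K"
'''

def udp_listeners(netstat_text):
    """Yield (local_address, port, pid) for each UDP row."""
    for line in netstat_text.splitlines():
        fields = line.split()
        # UDP rows have an empty State column: Proto, Local, Foreign, PID.
        if len(fields) != 4 or fields[0].upper() != "UDP":
            continue
        addr, _, port = fields[1].rpartition(":")  # also handles [::]:1812
        if port.isdigit() and fields[3].isdigit():
            yield addr, int(port), int(fields[3])

def process_names(tasklist_csv):
    """Map PID -> image name from tasklist CSV output."""
    rows = csv.reader(io.StringIO(tasklist_csv))
    return {int(r[1]): r[0] for r in rows if len(r) >= 2 and r[1].isdigit()}

def port_owners(netstat_text, tasklist_csv, port=RADIUS_AUTH_PORT):
    """Return sorted (local_address, pid, image_name) tuples bound to port."""
    names = process_names(tasklist_csv)
    return sorted((addr, pid, names.get(pid, "unknown"))
                  for addr, p, pid in udp_listeners(netstat_text) if p == port)

if __name__ == "__main__":
    for addr, pid, name in port_owners(SAMPLE_NETSTAT, SAMPLE_TASKLIST):
        print(f"UDP {RADIUS_AUTH_PORT} on {addr} is held by PID {pid} ({name})")
```

Ports are compared as whole numbers, so a listener on 18120 is not reported as a match for 1812.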


Steddiehoward's picture
As to the "why port 1812" part of your question, it is used for RADIUS communication between a Protection Manager and network access control Enforcers for authenticating unique ID information with the Enforcer. The reasoning behind grabbing the port in situations where NAC isn't being used I don't know.
 
The implementation guide does note in chapter 3 (Planning the Product Installation), on page 57, that RADIUS servers use port 1812 and that you shouldn't install the Endpoint Protection Manager on them.
Ben Blackmore's picture

Steddiehoward wrote:
 
The implementation guide does note in chapter 3 (Planning the Product Installation), on page 57, that RADIUS servers use port 1812 and that you shouldn't install the Endpoint Protection Manager on them.


Hi Steddie,
 
That's great for big companies that can afford to go out and buy a new server to run every new server-based application that they need, but what happens in the case of a small business that can't afford massive server farms? Even bigger companies nowadays are looking at server consolidation to make efficient usage of existing resources. Developers really shouldn't be saying "don't install this app alongside this app because they are incompatible".

I'd be interested to know whether this also happens in SEP Small Business Edition, as it's obviously aimed at small businesses, who might not have multiple servers!?

I know small businesses (<25 employees) that have a single server running any combination of Domain Controller/Active Directory, File & Print, Backup, WSUS, RIS/WDS, Exchange, RAS, Radius, AV/FW management consoles etc. It's not a great setup granted, but it works for them, and they're not going to want to spend £1000s+ on another server, just to run SEPM.
 
Is it possible to disable the port grabbing? We don't use NAC enforcers, so don't need SEPM to grab that port!
 
Ben
mrgilpin's picture

Yes, the small business edition of SEP does this also and it is a pain. We have 1 server that runs pretty much every Windows Server Service and really can't justify the cost of a second server just because SEP doesn't play well with others. Very annoying.

Grant Scheffert's picture

Here is a document that tells you how to change the port that Symantec uses.

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007111411152348

 

ShadowsPapa's picture

You don't need a honkin' world-class state-of-the-art machine to run SEM on (the manager part).

A good workstation with 2gig of RAM and a basic server OS would do, IMO.

We've got over 300 endpoints (I know, that's really small) but the server load is nil. Hardly ever seen the processor over a few percent and the memory use might peg at 30%, but typically runs less than 10%.

My experience shows that some things simply should not be run together......