This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Radius Message from NPS

Go to solution
Ingatel
New Contributor

‎06-18-2024 03:01 AM

I've got a Wired 802.1x implementation with a ruckus switch as the Radius client and a Microsoft NPS acting as the Radius server.

The below config line on the switch is the one causing me a lot of grief and I see a constant error showing up on Event Viewer on my NPS.

---------------------------------------------------------------------------------------------------------------------------------

radius-server host 192.168.100.251 auth-port 1812 acct-port 1813 default key Mykeyrds dot1x

------------------------------------------------------------------------------------------------------------------------------------

Error on NPS: A RADIUS message with the Code field set to 12, which is not valid, was received on port 1813 from RADIUS client My ICX switch. Valid values of the RADIUS Code field are documented in RFC 2865.

Switch ICX 7150 version is 09.0.10c

 

How do I stop the switch from sending the Code field 12 thing to my NPS???

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
BenBeck
Moderator
Moderator

‎06-19-2024 05:19 AM - edited ‎09-16-2024 10:42 AM

Adding a note here. ICX7150 support is planned to be added in 10010f this fall. 7150 is currently not supported in 10.x, however. 10010f will have the ability to disable this. Hope this helps!

 

Ben Beck, RCNA, RCNI, Principal Technical Support Engineer
support.ruckuswireless.com/contact-us

View solution in original post

7 REPLIES 7

Go to solution
Trev
New Contributor

‎06-18-2024 09:17 AM

We've got exactly the same issue on ICX7150's on Ruckus One with SPS09010h_cd2 firmware.

Any help here please Ruckus?

 

0 Kudos

Go to solution
Chandini
RUCKUS Team Member

‎06-18-2024 10:26 AM

Hi Ingatel

Thank you for reaching us 

If the query is only with respect to code field set to 12 error received and there is no issue noticed then as per RFC its a experimental feature and should not cause any impact. 

Code 12 and 13 as per RFC is experimental. Code 12 field maps to status-server(experimental).

The only code field which would be important would be Access-Request, Access-Accept, Access-Reject and Access-Challenge (Codes 1, 2, 3, and 11) and Accounting-Request and Accounting-Response packets (Codes 4 and 5). 

Link referred : https://datatracker.ietf.org/doc/html/rfc2865 

Status-Server packets are sent by a RADIUS client to a RADIUS server in order to test the status of that server and should not cause a problem. 

For now there is no available command in the switch which could help disable them but there would be no issue noticed with respect to traffic in the network.

Let me know if this helps address your concern

Thanks 

0 Kudos

Go to solution
Ingatel
New Contributor
In response to Chandini

‎06-19-2024 12:16 AM

Hi Chandini,

The problem is that the Windows Server 2019 event viewer fills up with these errors.

Is there any plan to implement a command later that resolves by disabling code 12?

Is there also a way to filter it in the NPS so that it is not detected as an error?

0 Kudos

Go to solution
Chandini
RUCKUS Team Member

‎06-19-2024 01:57 AM

Hi Ingatel

Ack and Thank you for reaching us 

Let me check about this with the team for 9010 version code. I'll post here once I have a update.

Thanks 

0 Kudos
Copyright © 2024 Khoros, LLC