cancel
Showing results for 
Search instead for 
Did you mean: 

Radius Message from NPS

Ingatel
New Contributor

I've got a Wired 802.1x implementation with a ruckus switch as the Radius client and a Microsoft NPS acting as the Radius server.

The below config line on the switch is the one causing me a lot of grief and I see a constant error showing up on Event Viewer on my NPS.

---------------------------------------------------------------------------------------------------------------------------------

radius-server host 192.168.100.251 auth-port 1812 acct-port 1813 default key Mykeyrds dot1x

------------------------------------------------------------------------------------------------------------------------------------

Error on NPS: A RADIUS message with the Code field set to 12, which is not valid, was received on port 1813 from RADIUS client My ICX switch. Valid values of the RADIUS Code field are documented in RFC 2865.

Switch ICX 7150 version is 09.0.10c

 

How do I stop the switch from sending the Code field 12 thing to my NPS???

1 ACCEPTED SOLUTION

BenBeck
Moderator
Moderator

Adding a note here. ICX7150 support is planned to be added in 10010f this fall. 7150 is currently not supported in 10.x, however. 10010f will have the ability to disable this. Hope this helps!

 

Ben Beck, RCNA, RCNI, Principal Technical Support Engineer
support.ruckuswireless.com/contact-us

View solution in original post

6 REPLIES 6

Trev
New Contributor

We've got exactly the same issue on ICX7150's on Ruckus One with SPS09010h_cd2 firmware.

Any help here please Ruckus?

 

Chandini
RUCKUS Team Member

Hi Ingatel

Thank you for reaching us 

If the query is only with respect to code field set to 12 error received and there is no issue noticed then as per RFC its a experimental feature and should not cause any impact. 

Code 12 and 13 as per RFC is experimental. Code 12 field maps to status-server(experimental).

The only code field which would be important would be Access-Request, Access-Accept, Access-Reject and Access-Challenge (Codes 1, 2, 3, and 11) and Accounting-Request and Accounting-Response packets (Codes 4 and 5). 

Link referred : https://datatracker.ietf.org/doc/html/rfc2865 

Status-Server packets are sent by a RADIUS client to a RADIUS server in order to test the status of that server and should not cause a problem. 

For now there is no available command in the switch which could help disable them but there would be no issue noticed with respect to traffic in the network.

Let me know if this helps address your concern

Thanks 

Hi Chandini,

The problem is that the Windows Server 2019 event viewer fills up with these errors.

Is there any plan to implement a command later that resolves by disabling code 12?

Is there also a way to filter it in the NPS so that it is not detected as an error?

Chandini
RUCKUS Team Member

Hi Ingatel

Ack and Thank you for reaching us 

Let me check about this with the team for 9010 version code. I'll post here once I have a update.

Thanks