SSH
Alexey, 2021-10-27 07:00:52

Authorization on the equipment through Radius does not succeed the first time?

Good afternoon.
Available:
AD
Radius server
Network equipment

Authorization via Radius with AD is configured on the network equipment. Recently, when trying to log in to the equipment, this either takes a very long time or does not succeed the first time.
I looked at the routes, everything looks the same as before, but maybe I missed something.
I ran TCPDUMP on the Radius server, here is the output:

10:47:05.565120 IP 10.10.10.22.1812 > 10.10.20.30.1812: RADIUS, Access-Request (1), id: 0x05 length: 137

10:47:10.549474 IP 10.10.10.22.1812 > 10.10.20.30.1812: RADIUS, Access-Request (1), id: 0x05 length: 137

10:47:15.549875 IP 10.10.10.22.1812 > 10.10.20.30.1812: RADIUS, Access-Request (1), id: 0x05 length: 137

10:47:20.550572 IP 10.10.10.22.1812 > 10.10.20.30.1812: RADIUS, Access-Request (1), id: 0x05 length: 137

10:47:33.549433 IP 10.10.10.22.1812 > 10.10.20.30.1812: RADIUS, Access-Request (1), id: 0x06 length: 137

10:47:38.534584 IP 10.10.10.22.1812 > 10.10.20.30.1812: RADIUS, Access-Request (1), id: 0x06 length: 137

10:47:41.167917 IP 10.10.20.30.1812 > 10.10.10.22.1812: RADIUS, Access-Accept (2), id: 0x05 length: 51

10:47:41.226837 IP 10.10.20.30.1812 > 10.10.10.22.1812: RADIUS, Access-Accept (2), id: 0x06 length: 51


If you look at the time, you can see that it all takes about a minute, which is a very long time.
In a normal situation, it looks like this:
10:48:37.549433 IP 10.10.10.22.1812 > 10.10.20.30.1812: RADIUS, Access-Request (1), id: 0x06 length: 137

10:48:37.534584 IP 10.10.20.30.1812 > 10.10.10.22.1812: RADIUS, Access-Accept (2), id: 0x06 length: 51


After such a long attempt to enter, subsequent attempts to enter this switch will be immediately successful for some time.

Maybe someone has come across this or can tell me where to look. Thank you.

Logs from RADIUS at the same time:
Wed Oct 27 10:47:10 2021 : Error: (53) Ignoring duplicate packet from client CLIENT port 1812 - ID: 5 due to unfinished request in component authenticate module pam

Wed Oct 27 10:47:15 2021 : Error: (53) Ignoring duplicate packet from client CLIENT  port 1812 - ID: 5 due to unfinished request in component authenticate module pam

Wed Oct 27 10:47:20 2021 : Error: (53) Ignoring duplicate packet from client CLIENT  port 1812 - ID: 5 due to unfinished request in component authenticate module pam

Wed Oct 27 10:47:38 2021 : Error: (54) Ignoring duplicate packet from client CLIENT  port 1812 - ID: 6 due to unfinished request in component authenticate module pam

Wed Oct 27 10:47:41 2021 : Auth: (53) Login OK: [pupkin_vv] (from client CLIENT  port 0 cli 10.30.6.31)

Wed Oct 27 10:47:41 2021 : Auth: (54) Login OK: [pupkin_vv] (from client CLIENT  port 0 cli 10.30.6.31)
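
Added example, not part of the original post: a small Python parser that pairs each Access-Request in a tcpdump capture with its reply by RADIUS identifier and reports the number of retransmissions and the time to answer. The input is the slow-login capture from the question; the function name and output fields are this example's own.

```python
import re
from datetime import datetime

# tcpdump lines taken from the slow login shown in the post above.
SAMPLE = """\
10:47:05.565120 IP 10.10.10.22.1812 > 10.10.20.30.1812: RADIUS, Access-Request (1), id: 0x05 length: 137
10:47:10.549474 IP 10.10.10.22.1812 > 10.10.20.30.1812: RADIUS, Access-Request (1), id: 0x05 length: 137
10:47:15.549875 IP 10.10.10.22.1812 > 10.10.20.30.1812: RADIUS, Access-Request (1), id: 0x05 length: 137
10:47:20.550572 IP 10.10.10.22.1812 > 10.10.20.30.1812: RADIUS, Access-Request (1), id: 0x05 length: 137
10:47:33.549433 IP 10.10.10.22.1812 > 10.10.20.30.1812: RADIUS, Access-Request (1), id: 0x06 length: 137
10:47:38.534584 IP 10.10.10.22.1812 > 10.10.20.30.1812: RADIUS, Access-Request (1), id: 0x06 length: 137
10:47:41.167917 IP 10.10.20.30.1812 > 10.10.10.22.1812: RADIUS, Access-Accept (2), id: 0x05 length: 51
10:47:41.226837 IP 10.10.20.30.1812 > 10.10.10.22.1812: RADIUS, Access-Accept (2), id: 0x06 length: 51
"""

LINE = re.compile(
    r"^(\d\d:\d\d:\d\d\.\d+) IP (\S+) > (\S+): RADIUS, "
    r"(Access-\w+) \(\d+\), id: (0x[0-9a-fA-F]+)"
)

def radius_latency(capture):
    """Pair each Access-Request with its reply; count retransmits and delay."""
    pending, done = {}, []
    for raw in capture.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip blank lines and non-RADIUS packets
        ts = datetime.strptime(m.group(1), "%H:%M:%S.%f")
        src, dst, kind, pid = m.group(2), m.group(3), m.group(4), int(m.group(5), 16)
        if kind == "Access-Request":
            # The identifier is one byte and gets reused, so key on both
            # endpoints and drop the entry as soon as the reply is seen.
            entry = pending.setdefault((src, dst, pid), {"first": ts, "sent": 0})
            entry["sent"] += 1
        elif (dst, src, pid) in pending:
            entry = pending.pop((dst, src, pid))
            done.append({
                "id": pid,
                "reply": kind,
                "retransmits": entry["sent"] - 1,
                "seconds": (ts - entry["first"]).total_seconds(),
            })
    return done

if __name__ == "__main__":
    for row in radius_latency(SAMPLE):
        print(row)
```

Exchanges that show retransmits here line up with the "Ignoring duplicate packet ... due to unfinished request" entries in the server log for the same IDs, so the delay can be measured per request rather than read off by eye.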
