Troubleshoot SafeNet Agent for FreeRADIUS
Inaccessible RADIUS Client API
Problem: The Script output displays the message, The SafeNet RADIUS Client API is not accessible.
Validating the ${prod_family} RADIUS Client API URL is accessible…
The ${prod_family} RADIUS Client API is not accessible.
Solution: Check if the Client API is accessible on the SAS PCE server. This can be verified by following the steps:
-
Open IIS Manager on the SAS PCE Server.
-
In the left Pane, navigate to, localhost website > Sites > Default Web Site.
-
Click /RADIUS.
-
In the right Pane, click Browse *:80 (http).
If the RADIUS Client API does not allow browsing, the Agent Deployment Script will not be able to access the RADIUS Client API from the RADIUS Server.
Also, check if the RADIUS Client API URL is accessible from the RADIUS Server. The URL for RADIUS Client API is in the following format: http:///RADIUS/api/RADIUS/clients
Inaccessible FreeRADIUS Container Port
Problem: The Script output displays the message, The Port is not accessible.
The Port is not accessible. Ensure that the Port is not use by other process or routine.
Solution: Check if the port is in use by any other process or routine. Execute the following command to check if the port is in use:
netstat –tuplen | grep <Port number>
Unsuccessful Deployment of FreeRADIUS Container
Problem: The Script output displays the message, The FreeRADIUS container is not deployed successfully.
Solution: Check the logs as per Log Drivers.
-
If JSON file driver is used, check using the following command:
docker logs –f FreeRADIUSv3
-
If SYSLOG file driver is used, check using the following command against FreeRADIUS tag.
cat /var/log/messages
Bad Interpreter – Bin / Bash File
Ensure that the user has privileges to execute the /bin/bash
file.
To verify, open your script with vi or vim. Enter through vi command mode (ESC key), and then type the following and save it: :set fileformat=unix
To save, use the following text: :x! or :wq!
Hostname Resolution for STA and SAS PCE
Problem: If the logs displays the following error, Hostname does not resolve.
Solution: Ensure that the IP and the hostname entries are present under the following path: /etc/hosts
STA Hostname and IP are provided under the Auth Node section.