RADIUS Server x.x:1812,1813 is Not Responding and RADIUS Server – About our Access Point: All AP’s in our office have 3 SSIDs. First SSID specifically for laptops, have the same IP address with desktop computers and printers, hidden SSID and WEP encrypted password. This SSID using our proxy server in UK (head office), so will detected coming from UK.
The second SSID is for mobile devices other than laptops, this is, like smartphones, tablets, etc. they also have the same IP address range with laptops, desktops and printers means they can communicate each other. The security is WEP encrypted and MAC address must registered into Active directory, this using local breakout means using local public IP address from our local ISP.
The third SSID is for Guest, this network is separated with our internal network, they don’t have the same range IP address so will not interfere with our network. This is good because if guest’s computer has a virus it will not spread to our network and they also cannot steal our data J This SSID using WPA encrypted code and using local breakout, so it will be detected coming from our local ISP.
We just bought 2 units Access Point Cisco AIR-CAP16021-C-K9 the plan is to be used by external auditor for internet access. Since the external auditor not coming everyday means the AP utilization will quite low. We change the scenario so that existing AP Aironet 1130AG will be used by auditors and the new Cisco AIR-CAP16021-C-K9 will be used in central office.
Everything seems OK after using new AP, but we found problem in the next morning, we just found that SSID for mobile devices is not working, it cannot connect to the network thus not connected to the internet and my boss was complaint. I have to connect his iPad and iPhone to use SSID for guest and this is work fine.
I login to access point to check the problem and found log files warning:
RADIUS Server x.x.x.x:1812,1813 is Not Responding
RADIUS Server x.x.x.x:1812,1813 is Being Marked Alive.
From above error messages seems that the AP cannot contact our RADIUS server (which also our DC’s server). It could be the RADIUS server dead or not ping able from AP. But this is not the case because all other APs are working fine. The second suspect is Cisco shared secret is not the same with shared secret in RADIUS server. I tried to look what is the shared secret password by telnet Aps that working okay, when I run show run command it show the shared secret but in encrypted type 7 form. I have to decode this to see the real text. I found this website that do the job perfectly to decode the encoded shared secret password:
I just copy the number after key 7 below, paste it on the web above and I can see what the shared secret password is. I just need to re-enter the shared key on access point.
However the warning still show in the log and clients still not connected to the internet. After I ask the engineer who configure this AP he told me that he forgot to make this new AP as a RADIUS client on DC computer. After he add the AP, the warning message gone and all mobile devices can connect flawlessly.
Hopefully this posting will help when you find that your wireless client cannot connected to new deployed Access Point and you see this message: RADIUS Server x.x.x.x:1812,1813 is Not Responding and RADIUS Server x.x.x.x:1812,1813 is Being Marked Alive.