Update on this: I found out that timestamp errors on the switch matches this error in radius.log on PF: Setting "limit_proxy_state = true" for client 10.10.0.5/32
What can i do about it? [cid:[email protected]] [cid:[email protected]] Martijn Langendoen Informatiebeheer [email protected]<mailto:[email protected]> [cid:[email protected]] 0118 654307 06 00000000 [cid:[email protected]]<https://www.facebook.com/dezbnl>[cid:[email protected]]<https://www.linkedin.com/company/dezbnl>[cid:[email protected]]<https://www.instagram.com/dezbnl>/dezbnl www.dezb.nl<http://www.dezb.nl> [cid:[email protected]] Kousteensedijk 7 4331 JE Middelburg Postbus 8004 4330 EA Middelburg [cid:[email protected]] Ik werk op: Maandag en Woensdag van 8:30 tot 13.00 uur Dinsdag,Donderdag en Vrijdag van 7:30 tot 17:00 Van: Martijn Langendoen via PacketFence-users <[email protected]> Verzonden: woensdag 11 juni 2025 16:44 Aan: [email protected] CC: Martijn Langendoen <[email protected]> Onderwerp: [PacketFence-users] RADIUS ALIVE/UNREACHABLE messages Opgelet: Deze e-mail is afkomstig van buiten de organisatie. Klik niet op links of open geen bijlagen tenzij je de afzender kent en weet dat de inhoud veilig is. Hi, someone has reported it before but no solution has been reported but I also have the following messages in my Juniper switches since my new pf 14.1 (in test): Jun 11 12:53:19 martijn-sw1 authd[19503]: AUTHD_RADIUS_SERVER_STATUS_CHANGE: Status of radius server 10.10.0.252 set to UNREACHABLE (profile NAC) Jun 11 12:53:49 martijn-sw1 authd[19503]: AUTHD_RADIUS_SERVER_STATUS_CHANGE: Status of radius server 10.10.0.252 set to ALIVE (profile NAC) Jun 11 13:12:46 martijn-sw1 authd[19503]: AUTHD_RADIUS_SERVER_STATUS_CHANGE: Status of radius server 10.10.0.252 set to UNREACHABLE (profile NAC) Jun 11 13:13:16 martijn-sw1 authd[19503]: AUTHD_RADIUS_SERVER_STATUS_CHANGE: Status of radius server 10.10.0.252 set to ALIVE (profile NAC) Jun 11 13:25:35 martijn-sw1 authd[19503]: AUTHD_RADIUS_SERVER_STATUS_CHANGE: Status of radius server 10.10.0.252 set to UNREACHABLE (profile NAC) Jun 11 13:26:05 martijn-sw1 authd[19503]: AUTHD_RADIUS_SERVER_STATUS_CHANGE: Status of radius server 10.10.0.252 set to ALIVE (profile NAC) Jun 11 13:43:07 martijn-sw1 authd[19503]: AUTHD_RADIUS_SERVER_STATUS_CHANGE: Status of radius server 10.10.0.252 set to UNREACHABLE (profile NAC) Jun 11 13:43:37 martijn-sw1 authd[19503]: AUTHD_RADIUS_SERVER_STATUS_CHANGE: Status of radius server 10.10.0.252 set to ALIVE (profile NAC) Jun 11 14:03:04 martijn-sw1 authd[19503]: AUTHD_RADIUS_SERVER_STATUS_CHANGE: Status of radius server 10.10.0.252 set to UNREACHABLE (profile NAC) Jun 11 14:03:34 martijn-sw1 authd[19503]: AUTHD_RADIUS_SERVER_STATUS_CHANGE: Status of radius server 10.10.0.252 set to ALIVE (profile NAC) Jun 11 14:23:07 martijn-sw1 authd[19503]: AUTHD_RADIUS_SERVER_STATUS_CHANGE: Status of radius server 10.10.0.252 set to UNREACHABLE (profile NAC) Jun 11 14:23:37 martijn-sw1 authd[19503]: AUTHD_RADIUS_SERVER_STATUS_CHANGE: Status of radius server 10.10.0.252 set to ALIVE (profile NAC) in my production setup with PF 11.2 I have this with the same radius settings no problem/messages I do experience problems with this. My switch config: set access profile NAC authentication-order radius set access profile NAC radius authentication-server 10.10.0.252 set access profile NAC radius accounting-server 10.10.0.252 set access profile NAC radius-server 10.10.0.252 port 1812 set access profile NAC radius-server 10.10.0.252 dynamic-request-port 3799 set access profile NAC radius-server 10.10.0.252 secret <snip>" set access profile NAC accounting order radius set access profile NAC accounting coa-immediate-update set access profile NAC accounting address-change-immediate-update set access profile NAC accounting update-interval 10 set access profile NAC accounting statistics volume-time set access profile NAC accounting send-acct-status-on-config-change set protocols dot1x authenticator authentication-profile-name NAC set protocols dot1x authenticator interface access-ports authentication-order mac-radius set protocols dot1x authenticator interface access-ports authentication-order dot1x set protocols dot1x authenticator interface access-ports supplicant single-secure set protocols dot1x authenticator interface access-ports quiet-period 5 set protocols dot1x authenticator interface access-ports transmit-period 5 set protocols dot1x authenticator interface access-ports mac-radius set protocols dot1x authenticator interface access-ports reauthentication 3600 set protocols dot1x authenticator interface access-ports guest-vlan 816 set protocols dot1x authenticator interface access-ports server-reject-vlan 815 set protocols dot1x authenticator interface access-ports server-fail vlan-name 40 PF14.1 is running on the same vmware cluster as the PF 11.2 with te same network settings [cid:[email protected]] [cid:[email protected]] Martijn Langendoen Informatiebeheer [email protected]<mailto:[email protected]> [cid:[email protected]] 0118 654307 06 00000000 [cid:[email protected]]<https://www.facebook.com/dezbnl>[cid:[email protected]]<https://www.linkedin.com/company/dezbnl>[cid:[email protected]]<https://www.instagram.com/dezbnl>/dezbnl www.dezb.nl<http://www.dezb.nl> [cid:[email protected]] Kousteensedijk 7 4331 JE Middelburg Postbus 8004 4330 EA Middelburg [cid:[email protected]] Ik werk op: Maandag en Woensdag van 8:30 tot 13.00 uur Dinsdag,Donderdag en Vrijdag van 7:30 tot 17:00
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
