View sample logs for RADIUS failover scenarios, v20.06
Communications are faulty with the target SecureAuth® Identity Platform.
RADIUS server receives no response.
RADIUS server receives errors from SecureAuth IdP.
Failover to a SecureAuth Identity Platform RADIUS backup server is configured under Step B: IdP Realms configuration, v20.06, "Add IdP realm."
Failover scenario: Primary RADIUS server fails over to secondary, functioning RADIUS server
[25/Oct/2018:13:18:16 -0700] ERROR IdPAPIAccess: Primary IdP server failed: https://secureauth.company.com/SecureAuth3. Checking failover servers. [25/Oct/2018:13:18:16 -0700] INFO IdPAPIAccess: Falling back to server: sa01.company.com [25/Oct/2018:13:18:17 -0700] INFO AuditLog: Start authentication session for user: user-adm; NAS-IP: 123.45.67.89 [25/Oct/2018:13:18:17 -0700] DEBUG RadiusLibFacade: sending response: id=230 type=Access-Challenge [25/Oct/2018:13:18:17 -0700] DEBUG RadiusLibFacade: sending response: id=231 type=Access-Challenge [25/Oct/2018:13:18:17 -0700] DEBUG RadiusLibFacade: sending response: id=232 type=Access-Challenge [25/Oct/2018:13:18:17 -0700] DEBUG RadiusLibFacade: sending response: id=233 type=Access-Challenge [25/Oct/2018:13:18:18 -0700] DEBUG RadiusLibFacade: sending response: id=234 type=Access-Challenge [25/Oct/2018:13:18:18 -0700] DEBUG RadiusLibFacade: sending response: id=235 type=Access-Challenge [25/Oct/2018:13:18:18 -0700] INFO SARadiusServer: GTCHandler has been called. [25/Oct/2018:13:18:19 -0700] DEBUG RadiusLibFacade: sending response: id=236 type=Access-Challenge [25/Oct/2018:13:18:39 -0700] INFO SARadiusServer: GTCHandler has been called. [25/Oct/2018:13:18:39 -0700] DEBUG RadiusLibFacade: sending response: id=237 type=Access-Challenge [25/Oct/2018:13:18:40 -0700] DEBUG RadiusLibFacade: sending response: id=238 type=Access-Accept [25/Oct/2018:13:18:40 -0700] INFO AuditLog: Granted access to user: user-adm; NAS-IP: 123.45.67.89
Failover scenario: Primary RADIUS server fails over to other non-functioning RADIUS servers
[25/Oct/2018:14:22:27 -0700] INFO AuditLog: Abandoned previous session for user: user-adm; NAS-IP: 123.45.67.89 [25/Oct/2018:14:22:27 -0700] ERROR IdPAPIAccess: Primary IdP server failed: https://secureauth.company.com/SecureAuth3. Checking failover servers. [25/Oct/2018:14:22:28 -0700] INFO AuditLog: Start authentication session for user: user-adm; NAS-IP: 123.45.67.89 [25/Oct/2018:14:22:28 -0700] DEBUG RadiusLibFacade: sending response: id=6 type=Access-Challenge [25/Oct/2018:14:22:28 -0700] DEBUG RadiusLibFacade: sending response: id=7 type=Access-Challenge [25/Oct/2018:14:22:28 -0700] DEBUG RadiusLibFacade: sending response: id=8 type=Access-Challenge [25/Oct/2018:14:22:28 -0700] DEBUG RadiusLibFacade: sending response: id=9 type=Access-Challenge [25/Oct/2018:14:22:28 -0700] DEBUG RadiusLibFacade: sending response: id=10 type=Access-Challenge [25/Oct/2018:14:22:28 -0700] DEBUG RadiusLibFacade: sending response: id=11 type=Access-Challenge [25/Oct/2018:14:22:29 -0700] INFO SARadiusServer: GTCHandler has been called. [25/Oct/2018:14:22:29 -0700] INFO IdPAPIAccess: Password authentication failed: invalid; message: AppId is unknown. [25/Oct/2018:14:22:29 -0700] INFO PasswordState: User/Password verification failed for user: user-adm. [25/Oct/2018:14:22:29 -0700] DEBUG RadiusLibFacade: sending response: id=12 type=Access-Reject [25/Oct/2018:14:22:29 -0700] INFO AuditLog: Denied access request by user: user-adm; NAS-IP: 123.45.67.89
Failover scenario: Primary RADIUS server fails over to secondary server that fails; failover attempt to third server is successful
[25/Oct/2018:14:30:55 -0700] ERROR IdPAPIAccess: Primary IdP server failed: https://secureauth.company.com/SecureAuth3. Checking failover servers. [25/Oct/2018:14:30:55 -0700] INFO IdPAPIAccess: Falling back to server: sa01.secureauth.com [25/Oct/2018:14:30:56 -0700] INFO AuditLog: Start authentication session for user: user-adm; NAS-IP: 123.45.67.89 [25/Oct/2018:14:30:56 -0700] DEBUG RadiusLibFacade: sending response: id=13 type=Access-Challenge [25/Oct/2018:14:30:56 -0700] DEBUG RadiusLibFacade: sending response: id=14 type=Access-Challenge [25/Oct/2018:14:30:56 -0700] DEBUG RadiusLibFacade: sending response: id=15 type=Access-Challenge [25/Oct/2018:14:30:56 -0700] DEBUG RadiusLibFacade: sending response: id=16 type=Access-Challenge [25/Oct/2018:14:30:57 -0700] DEBUG RadiusLibFacade: sending response: id=17 type=Access-Challenge [25/Oct/2018:14:30:57 -0700] DEBUG RadiusLibFacade: sending response: id=18 type=Access-Challenge [25/Oct/2018:14:30:57 -0700] INFO SARadiusServer: GTCHandler has been called. [25/Oct/2018:14:30:57 -0700] DEBUG RadiusLibFacade: sending response: id=19 type=Access-Challenge [25/Oct/2018:14:31:18 -0700] INFO SARadiusServer: GTCHandler has been called. [25/Oct/2018:14:31:18 -0700] DEBUG RadiusLibFacade: sending response: id=20 type=Access-Challenge [25/Oct/2018:14:31:18 -0700] DEBUG RadiusLibFacade: sending response: id=21 type=Access-Accept [25/Oct/2018:14:31:18 -0700] INFO AuditLog: Granted access to user: user-adm; NAS-IP: 123.45.67.89 ============================ Primary IdP Host: secureauth.company.com Backup IdP Host: secureauth2.company.com,sa01.secureauth.com