Freeradius reply

Hi,

I have a Freeradius2 server and a RB411U NAS with RouterOS 4.11. If authentification is accepted on freeradius, reply are working fine but if the authentification is refuse, reply-message are not receive by the NAS . The log in the NAS always told me login fail : Radius server not responding when freeradius (in X mode) show me :

Delaying reject of request 0 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 0
Sending Access-Reject of id 19 to X.X.X.X port 56837
Reply-Message = “Your maximum usage time has been reached”
Waking up in 4.9 seconds.
Cleaning up request 0 ID 19 with timestamp +8
Ready to process requests.

At first, it was behind nat so I gived a public IP address to the NAS and it’s still the same. The NAS have no firewall and the firewall accept everything coming from the NAS at destination of the radius server. The radius incoming on the NAS are enable. I tryed it with port 1700 and 3799. Could somebody help me on this.

Thanks.

Delaying reject of request 0 for 1 seconds

That means that the RADIUS server is going to wait for 1 second after receiving the request.
The default timeout on ROS is 100ms (http://wiki.mikrotik.com/wiki/Manual:RADIUS_Client#Properties), so if it doesn’t receive a reply in under 100ms it will not consider it part of an answer. So you can either retrain FreeRADIUS to not wait one second, or set the timeout in ROS to more than 1 second.

I didn’t find how to disable freeradius delay but change the ROS timeout at 1100 ms and it’s working fine.

Thanks for your help.

Yeah i too adjusted the timeout to 1000ms

/radius set [find where 1]  timeout=00:00:01

, i no longer get the radius is not responding error logs