Verifying ESA RADIUS functionality
This following articles describe the necessary steps for verifying the connectivity of your ESA RADIUS server. Each client connecting to the RADIUS server has to be explicitly configured in ESA Web Console as a RADIUS Client.
Troubleshooting a RADIUS server consists of the following steps:
•Verifying that your RADIUS server is listening for incoming requests
•Testing connectivity to the RADIUS server from your localhost
•Testing connectivity to the RADIUS server over the network
The last two steps require the NTRadPing utility.
To complete the tests in this guide, you will need an Active Directory (AD) user account for testing purposes. The user Alice is referred to throughout this guide as the AD user account used for testing. The static AD password Esa132 is used as the password for this testing account for the purposes of this guide.
Notes Before you begin, ensure that Alice has no 2FA methods enabled in the ESA Web Console. Turn off the "Require Message-Authenticator" attribute for this test to work. This guide was written for a deployment scenario where the ESA RADIUS Server runs on the same server as the ESA Authentication Server. |