RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 7.1 SP4
Platform: UNIX
O/S Version: Solaris 10
It is not possible to manage RADIUS from the RSA Security Console.
The following error appears on RSA Security Console > Radius > Radius Servers when selecting a server and clicking View or Edit:
Unable to connect to RSA RADIUS Server to load Replication data or modify IP or Replication settings.
When entering the Edit option, it is not possible to Enable replication because the box is greyed out.
When AM's RADIUS is started, RADIUS log (see Notes below for location) shows the following errors, and RADIUS startup fails:
Failed in attempt to bind to 10.250.254.15 and well-known port 1646
Initialized Radius socket address 10.250.254.15 port 1813 (receive buffer size 57344 bytes)
Initialized Radius socket address 10.250.254.15 port 1646 (receive buffer size 57344 bytes)
Unable to bind UDP socket for Radius requests
Failed in attempt to bind to 10.250.254.15 and well-known port 1813
Unable to bind UDP socket for Radius requests
Failed in attempt to bind to 10.250.254.15 and well-known port 1645
Initialized Radius socket address 10.250.254.15 port 1645 (receive buffer size 57344 bytes)
Initialized Radius socket address 10.250.254.15 port 1812 (receive buffer size 57344 bytes)
Unable to bind UDP socket for Radius requests
Failed in attempt to bind to 10.250.254.15 and well-known port 1812
admin transport error: could not listen on TCP port 1812, because it is already in use code: 125
admin interface is not operational due to transport failure (could not start listening)
admin transport error: could not listen on TCP port 1813, because it is already in use code: 125
admin interface is not operational due to transport failure (could not start listening)
At some time before that (perhaps in a previous day's log), the RADIUS log shows the following sequence:
1. Two or more RADIUS processes starting
Version: v6.11.5183
Version: v6.11.5183
Process ID of daemon is 7251
Process ID of daemon is 7252
2. Only the one of these (e.g. pid 7252) was able to open the required ports.
3. One of the two Radius processes (which would be 7251 in this example) indicating it was shutdown:
Shutting down Radius Authentication Server ...
Shutting down Radius Accounting Server ...
Completed server shutdown process
There is a RADIUS client embedded within RSA Authentication Manager (AM), that is used to talk to AM's RADIUS servers. This error ("Unable to connect to RSA RADIUS Server...") is effectively a connectivity issue between AM's RADIUS client and AM's RADIUS servers.
As with any connectivity issue, there are numerous reasons that AM's RADIUS client could be unable to connect to the RADIUS server, such as a RADIUS secret issue, changed IP address or SSL certificate problem.
This Knowledge Base article covers a connectivity issue caused by multiple RADIUS server instances running.
This cause is evident when there are errors in the RADIUS log showing it failed to start, however when you login to SSH on AM and issue lsof commands for RADIUS ports 1812, 1813, 1645 and 1646, you see there is already a RADIUS process holding one or more of those ports open.
lsof -i :1813
lsof -i :1645
lsof -i :1646
If a RADIUS processes is already running, output will be something like:
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
radius_ge 7252 root 258u IPv4 0x6002b46ac00 0t0 UDP <am-server-fqdn>:1812
radius_ge 7252 root 260u IPv4 0x600339c3140 0t0 TCP *:1812 (LISTEN)
"radius_ge" has the 1812 port open in the above example. That is the RSA Radius process <AM_INSTALL>/radius/radius_generic.
Login to AM's SSH and issue the following commands:
1. Stop all AM processes
cd <am-install>/server
./rsaam stop all
2. Then, make sure that there are now no Radius processes remaining, using the following command:
ps -e | grep radius
For each one that is still running:
./rsaam stop radius
b. Run ps again to make sure all are now stopped:
ps -e | grep radius
c. For any that the rsaam stop command cannot stop, kill the pid of the remaining Radius process(es):
kill -9 <pid>
3. Once all RADIUS processes are definitely stopped, then you can start services again:
./rsaam start all
4. Check to be sure only one copy of RADIUS is now running:
ps -e | grep radius
5. Test to see if Radius can now be managed from the RSA Security Console
Related Articles
Configure Security Console Authentication Methods Number of Views RSA Governance & Lifecycle Integration: Oracle Internet Directory Oracle Directory Server ODS Summary Number of Views Cisco ISE 3.2 - SAML Relying Party Configuration - RSA Ready Implementation Guide Number of Views Unable to create RADIUS profiles via the RSA Authentication Manager Security Console Number of Views Firefox reports Secure Connection Failed when connecting to the RSA Security Console Number of Views
Trending Articles
RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Authentication Manager 8.9 Release Notes (January 2026) How to install the jTDS JDBC driver on WildFly for use with Data Collections in RSA Identity Governance & Lifecycle RSA Authentication Manager 8.8 Setup and Configuration Guide Artifacts to gather in RSA Identity Governance & Lifecycle
