Radius Servers Replication Status "Cannot determine Status"
Article Number
Applies To
RSA Product/Service Type: RSA Authentication Manager
RSA Version/Condition: 8.5.x and earlier
Issue
In the RADIUS logs located at /opt/rsa/am/radius directory, you might see this error:
12/12/2022 03:06:53 CRadConfigServerProviderPost::ExecutePost unknown managed server spec: A70KPCRPARSA002.a70adom.bcbssc.com
12/12/2022 03:06:53 CRadConfigServerProviderPost::ExecutePost unknown managed server spec: A70KPCRPARSA002.a70adom.bcbssc.com
12/12/2022 03:06:53 CRadConfigServerProviderPost::ExecutePost unknown managed server spec: A70KPCRPARSA002.a70adom.bcbssc.com
Cause
#000050088, #000040446, #000067989
But the one we are discussing here is that there might be a network scanner, anti-virus, load balancers,...etc.
Actively trying to communicate with the radius server on ports 1812 or 1813 or both and that should be restricted as per this Documentation:
Resolution
a. Login as rsaadmin on both the primary and replicas
b. Use these commands:
sudo tcpdump -i eth0 -v -w /tmp/<filename1>.pcap -n host <ip address> and port 1812
c. Check the packet capture from the CLI directly or download the files using WINSCP or any similar tool and then check the capture using Wireshark you should see something like that:
In this example there is 2 IPs which are [10.186.17.8 & 10.186.17.9] these are load balancers actively trying to open a TCP session and terminating it.
2.Terminate those connections and you will find the status changed to synchronized.
