HP-UX AAA Server A.08.00.01 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software

471

472

473

474

475

476

477

478

479

480

Table 30-2 Common Problems with HP-UX AAA Server Startup (continued)

TroubleshootingProblem

be removed from the /etc/opt/aaa/authfile and /etc/

opt/aaa/EAP.authfile.

HP recommends that you use the SQL Access AATV instead

of Oracle AATV, EAP-PEAP instead of EAP-LEAP, and OATH

standard-based authentication instead of SecurID authentication.

For information on how to configure SQL database based

authentication, see Chapter 22 “SQL Access”. For information

on how to configure OTP or Two-factor authentication, see

Chapter 16 “OATH Standards-Based OTP Authentication”.

RealmEAP::configure: Unknown AATV 'CiscoLEAP' in

'/etc/opt/aaa/EAP.authfile' at '12' for EAP-Type. Specify a valid

Log MessageHP-UX AAA

Server logs an

AATV for EAP-TYPE RealmEAP::readauth: AATV for EAP-Typeerror message

while starting is missing or not valid for realm 'oracle.test.test' on line 13 in

/etc/opt/aaa/EAP.authfile read_auth: /etc/opt/aaa/EAP.authfile

( 3 entries) read to memory, 1 error

Authfile has configured realm entries for EAP-LEAP

authentication.

Cause

Starting with HP-UX AAA Server A.08.00.01 release, EAP-LEAP

AATV is obsolete. The corresponding entries must be removed

Solution

from the /etc/opt/aaa/authfile and /etc/opt/aaa/

EAP.authfile.

HP recommends that you use EAP-PEAP instead of EAP-LEAP.

For information on EAP-PEAP, seeChapter 13 “Securing LAN

Access With EAP”

Troubleshooting Bind Errors at HP-UX AAA Server Startup

This section describes how to troubleshoot problems when you cannot start the HP-UX

AAA Server because of bind errors.

If you are unable to start the HP-UX AAA Server, complete the following steps:

1. Check if the radiusd daemon is already running by entering the following

command:

# ps -ef |grep radiusd

If radiusd is running, the radiusd process must be displayed.

If the radiusd daemon is already running, you can stop and start the HP-UX

AAA Server from the Server Manager Administration utility or the command line.

For more information, see “Starting HP-UX AAA Servers Using Server Manager”

(page 72) or “Starting HP-UX AAA Servers From the Command Line” (page 75).

You can also continue with the HP-UX AAA Server instance that is already running.

2. Enter the following command to verify that the authentication and accounting

ports specified for the RADIUS service in /etc/services (entries for radius

Troubleshooting the HP-UX AAA Server 473