FreeRADIUS/pam_radius

About Radius Server Returned time out problem

DanivosYoun opened this issue · 1 comments

Hi Contributors

I got some problem with Pam_Radius_auth,

I configured, Server(pam_radius_auth) -> Microsoft NPS (With Azure MFA Extension)

Auth flow

Try to login pam_radius_auth sent request code 1-> MS NPS received request -> send to Azure MFA -> MS Authenticator Push -> MS NPS Radius -> Response code 2 -> pam_radius_auth Auth Success,

when user clicked MS Authenticator Push with out delay it works perfect

but when, MS Authenticator Push clicked Permit with few delays (about 3~5s ) & auth failed & retry Auth request (on pam_radius.conf timeout parameter 20)
---------- Logs --------------
Apr 14 00:05:41 prd-was sshd[537431]: pam_radius_auth: Got user name twyoun
Apr 14 00:05:41 prd-was sshd[537431]: pam_radius_auth: ignore last_pass, force_prompt set
Apr 14 00:05:44 prd-was sshd[537431]: pam_radius_auth: Sending RADIUS request code 1
Apr 14 00:05:44 prd-was sshd[537431]: pam_radius_auth: DEBUG: get_ipaddr(...) returned 0.
Apr 14 00:06:04 prd-was sshd[537431]: pam_radius_auth: RADIUS server (
...) failed to respond
Apr 14 00:06:24 prd-was sshd[537431]: pam_radius_auth: RADIUS server (
...***) failed to respond
Apr 14 00:06:27 prd-was sshd[537431]: pam_radius_auth: Got RADIUS response code 2
Apr 14 00:06:27 prd-was sshd[537431]: pam_radius_auth: authentication succeeded

What does the conf file look like?

The code to parse timeout is pretty simple. There's not a lot which can go wrong here.