Troubleshooting the RADIUS Adapter

The following steps provide basic troubleshooting if you encounter any issues.

1. If there are issues with accessing IAP using the RADIUS profile, use the original IAP Profile instead. To revert to the original profile, from a terminal prompt, use root login to edit the /opt/pronghorn/current/properties.json file and set the active profile to profile1.

   {
   "pathProps": {
       "description": "File Path Variables",
       "sdk_dir": "/opt/pronghorn-applications",
       "encrypted": true
   },
   "id": "profile1",
   "mongoProps": {
       "credentials": {
       "passwd": "itentialPassword",
       "user": "itentialUser"
       },
       "db": "pronghorn",
       "url": "mongodb://127.0.0.1:27017"
   }
   }
   

2. Restart IAP service using the service pronghorn restart command and then attempt to login again.

3. If there are problems using the RADIUS adapter or profile it is usually related to the configuration. Check the following:

   RADIUS Adapter

   • Check RADIUS hostname and port.
   • Check how the groups are configured.
   • From a server prompt, stop and restart the associated process for the adapter using the kill command and associated PID for the RADIUS adapter.

   
   

   RADIUS Server

   • Check the whitelist file to ensure the IAP server address is listed. With FreeRADIUS, check in the /etc/raddb/clients.conf file.
   • Check the user file to see if the IAP user is correctly defined and active with the correct username, password, etc. in the /etc/raddb/users file.
   • Check to make sure that the VSA is defined correctly in the /etc/raddb/dictionary file.
   • Check the firewall and ACL rules.

Note: Consult the documentation on the FreeRADIUS website for further instructions on installation, configuration, and troubleshooting.