How to Resolve RADIUS Authentication Issues over route based VPN on FLEX H Series
Zyxel_Kevin
Posts: 903 
Zyxel Employee
Zyxel Employee
Question: Why is my FLEX H series device unable to reach the RADIUS server over route based VPN
Topology:
FLEX H series <Site to Site VPN> Peer Gateway - Radius server
Answer:
For local out traffic, FLEX H used the VTI address as inquiry source address
Below are steps to troubleshoot and resolve the issue:
- Ensure the Radius server can route and trusts the VTI interface address used by the FLEX H device.
- Ensure VTI address settings are within the subnet and do not use link-local addresses:
- Use a valid subnet for the VTI interface (e.g.,
192.168.254.x) instead of link-local addresses such as169.254.0.0/16.
(Some Operate System cannot route link-local address)
If additional assistance is required, or if you need to share logs and packet captures, please provide information such as packet captures on the VTI interface when authentication is attempted. This will help diagnose any further issues more effectively.
0
Categories
- All Categories
- 415 Beta Program
- 2.5K Nebula
- 152 Nebula Ideas
- 101 Nebula Status and Incidents
- 5.8K Security
- 296 USG FLEX H Series
- 281 Security Ideas
- 1.5K Switch
- 77 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.5K Consumer Product
- 254 Service & License
- 396 News and Release
- 85 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.6K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 87 About Community
- 76 Security Highlight