I have a problem with the RADIUS SSO where by when laptops and devices connect to the wireless it authenticates against the Windows NPS server which then forwards the accounting packets to the Sophos XG.
This works and users are able to connect and get the appropriate web filter level. However, as they move around site and jump from Access Point to Access Point they will randomly lose the Sophos Authentication and therefore lose internet.
I have check on the NPS server and can see in the Accounting Requests packets that it is receiving both a username and IP address.
I am still however getting these errors in the access_server.log on the Sophos XG.
MESSAGE Apr 22 10:31:29.916557 [access_server]: handle_radius_account_req: request received from radius client NPSSERVERIP
ERROR Apr 22 10:31:29.916600 [access_server]: handle_radius_account_req: received radius accounting with status 2
ERROR Apr 22 10:31:29.916624 [access_server]: (_sqlite_db_handle_get_liveuserinfo): GET_LIVEUSER_INFO_TO_LOGOUT found no entries for IP BYODIPADDRESS (sqrs 101)
ERROR Apr 22 10:31:29.916635 [access_server]: (handle_external_logout_req_finish_free): SQLITE_REQ_GETLIVEUSERINFO query failed
MESSAGE Apr 22 10:31:36.750328 [access_server]: handle_radius_account_req: request received from radius client NPSSERVERIP
ERROR Apr 22 10:31:36.750351 [access_server]: handle_radius_account_req: received radius accounting with status 2
MESSAGE Apr 22 10:31:38.276044 [access_server]: handle_radius_account_req: request received from radius client NPSSERVERIP
ERROR Apr 22 10:31:38.276087 [access_server]: handle_radius_account_req: received radius accounting with status 1
MESSAGE Apr 22 10:31:39.027107 [access_server]: handle_radius_account_req: request received from radius client NPSSERVERIP
ERROR Apr 22 10:31:39.027126 [access_server]: handle_radius_account_req: received radius accounting with status 1
MESSAGE Apr 22 10:31:39.027169 [access_server]: (handle_req_no_password): User 18oelks with clienttype 23 already live, ignoring the request
MESSAGE Apr 22 10:31:40.377564 [access_server]: handle_radius_account_req: request received from radius client NPSSERVERIP
ERROR Apr 22 10:31:40.377606 [access_server]: handle_radius_account_req: received radius accounting with status 2
MESSAGE Apr 22 10:31:43.796939 [access_server]: handle_radius_account_req: request received from radius client NPSSERVERIP
ERROR Apr 22 10:31:43.796962 [access_server]: handle_radius_account_req: received radius accounting with status 2
MESSAGE Apr 22 10:31:46.146647 [access_server]: handle_radius_account_req: request received from radius client NPSSERVERIP
ERROR Apr 22 10:31:46.146669 [access_server]: handle_radius_account_req: received radius accounting with status 1
MESSAGE Apr 22 10:31:46.373840 [access_server]: handle_radius_account_req: request received from radius client NPSSERVERIP
ERROR Apr 22 10:31:46.373863 [access_server]: handle_radius_account_req: received radius accounting with status 2
MESSAGE Apr 22 10:31:46.558429 [access_server]: handle_radius_account_req: request received from radius client NPSSERVERIP
ERROR Apr 22 10:31:46.558464 [access_server]: handle_radius_account_req: received radius accounting with status 2
This thread was automatically locked due to age.
