[GH-ISSUE #14] Fortigate 7.4.6 Compatibility with Solution for Fortigate 7.4.3: Configuration or Patches Needed? #10

New issue

Open

opened 2026-03-13 14:29:10 +03:00 by kerem · 23 comments

kerem commented 2026-03-13 14:29:10 +03:00

Owner

Copy link

Originally created by @ramiabdallah1512 on GitHub (Jan 9, 2025).
Original GitHub issue: https://github.com/abbas-gheydi/radotp/issues/14

My firewall is running Fortigate 7.4.6, while the solution is compatible with Fortigate 7.4.3. Is there a solution or additional configuration to add, or any patches to apply? Thank you

Originally created by @ramiabdallah1512 on GitHub (Jan 9, 2025). Original GitHub issue: https://github.com/abbas-gheydi/radotp/issues/14 My firewall is running Fortigate 7.4.6, while the solution is compatible with Fortigate 7.4.3. Is there a solution or additional configuration to add, or any patches to apply? Thank you

kerem commented 2026-03-13 14:29:18 +03:00

Author

Owner

Copy link

@abbas-gheydi commented on GitHub (Jan 14, 2025):

My firewall is running Fortigate 7.4.6, while the solution is compatible with Fortigate 7.4.3. Is there a solution or additional configuration to add, or any patches to apply? Thank you

Dear @ramiabdallah1512 ,

Thank you for commenting and reaching out. I plan to add RadSec support to RadOTP in the next release. but for now you can search for and use a RadSec proxy to fix the FortiGate issue.

<!-- gh-comment-id:2589210173 --> @abbas-gheydi commented on GitHub (Jan 14, 2025): > My firewall is running Fortigate 7.4.6, while the solution is compatible with Fortigate 7.4.3. Is there a solution or additional configuration to add, or any patches to apply? Thank you Dear @ramiabdallah1512 , Thank you for commenting and reaching out. I plan to add RadSec support to RadOTP in the next release. but for now you can search for and use a RadSec proxy to fix the FortiGate issue.

kerem commented 2026-03-13 14:29:23 +03:00

Author

Owner

Copy link

@Ctere1 commented on GitHub (Jan 24, 2025):

Hi @abbas-gheydi, @ramiabdallah1512

Regarding your statement about Fortigate compatibility, when you refer to Fortigate compatible, are you referring to the Message-Authenticator attribute?

I’ve already added the necessary attribute in the project and ensured all the dependencies are updated accordingly. I wanted to share the updates with you here for your consideration.

Here’s the code I have updated:

func AcceptUser(w radius.ResponseWriter, r *radius.Request, stage string) (code radius.Code) {
	code = radius.CodeAccessAccept
	packet := r.Packet.Response(code)

	// Add Message-Authenticator placeholder to the response packet at the first place
	placeholder := make([]byte, 16) // 16 bytes of zeros
	rfc2869.MessageAuthenticator_Set(packet, placeholder)

	if state := rfc2865.State_GetString(r.Packet); state != "" {
		rfc2865.State_SetString(packet, state)
	}
	AddVendorGroup(packet, r)

	// DO NOT Add another attribute after Message-Authenticator, it may cause the Message-Authenticator to be invalid
	AddMessageAuthenticator(packet)

	w.Write(packet)
	go sendToMonitoring(rfc2865.UserName_GetString(r.Packet), stage, "Accept")

	return
}



// Other code goes here...
// The ChallengeUser and RejectUser methods should also be updated in the same way



// AddMessageAuthenticator adds the Message-Authenticator attribute to a RADIUS packet.
// Message-Authenticator = HMAC-MD5 (Type, Identifier, Length, Request Authenticator, Attributes)
func AddMessageAuthenticator(packet *radius.Packet) error {
	// Step 1: Set the Message-Authenticator field to zero.
	placeholder := make([]byte, 16) // 16 bytes of zeros
	err := rfc2869.MessageAuthenticator_Set(packet, placeholder)
	if err != nil {
		return err
	}

	// Step 2: Marshal the packet to get the binary representation
	b, err := packet.MarshalBinary()
	if err != nil {
		return err
	}

	// Step 3: Calculate HMAC-MD5 with the shared secret
	mac := hmac.New(md5.New, []byte(RadiusConfigs.Secret))
	mac.Write(b)

	// Step 4: Get the authenticator (HMAC result)
	authenticator := mac.Sum(nil)

	// Step 5: Set the Message-Authenticator field
	err = rfc2869.MessageAuthenticator_Set(packet, authenticator)
	if err != nil {
		return err
	}

	return nil
}

I hope this helps! Maybe I can fork the project and open a PR. Let me know if I can help further.

Thank you for your work on this project.

<!-- gh-comment-id:2612996018 --> @Ctere1 commented on GitHub (Jan 24, 2025): Hi @abbas-gheydi, @ramiabdallah1512 Regarding your statement about Fortigate compatibility, when you refer to Fortigate compatible, are you referring to the Message-Authenticator attribute? I’ve already added the necessary attribute in the project and ensured all the dependencies are updated accordingly. I wanted to share the updates with you here for your consideration. Here’s the code I have updated: ```go func AcceptUser(w radius.ResponseWriter, r *radius.Request, stage string) (code radius.Code) { code = radius.CodeAccessAccept packet := r.Packet.Response(code) // Add Message-Authenticator placeholder to the response packet at the first place placeholder := make([]byte, 16) // 16 bytes of zeros rfc2869.MessageAuthenticator_Set(packet, placeholder) if state := rfc2865.State_GetString(r.Packet); state != "" { rfc2865.State_SetString(packet, state) } AddVendorGroup(packet, r) // DO NOT Add another attribute after Message-Authenticator, it may cause the Message-Authenticator to be invalid AddMessageAuthenticator(packet) w.Write(packet) go sendToMonitoring(rfc2865.UserName_GetString(r.Packet), stage, "Accept") return } // Other code goes here... // The ChallengeUser and RejectUser methods should also be updated in the same way // AddMessageAuthenticator adds the Message-Authenticator attribute to a RADIUS packet. // Message-Authenticator = HMAC-MD5 (Type, Identifier, Length, Request Authenticator, Attributes) func AddMessageAuthenticator(packet *radius.Packet) error { // Step 1: Set the Message-Authenticator field to zero. placeholder := make([]byte, 16) // 16 bytes of zeros err := rfc2869.MessageAuthenticator_Set(packet, placeholder) if err != nil { return err } // Step 2: Marshal the packet to get the binary representation b, err := packet.MarshalBinary() if err != nil { return err } // Step 3: Calculate HMAC-MD5 with the shared secret mac := hmac.New(md5.New, []byte(RadiusConfigs.Secret)) mac.Write(b) // Step 4: Get the authenticator (HMAC result) authenticator := mac.Sum(nil) // Step 5: Set the Message-Authenticator field err = rfc2869.MessageAuthenticator_Set(packet, authenticator) if err != nil { return err } return nil } ``` I hope this helps! Maybe I can fork the project and open a PR. Let me know if I can help further. Thank you for your work on this project.

kerem commented 2026-03-13 14:29:28 +03:00

Author

Owner

Copy link

@abbas-gheydi commented on GitHub (Jan 24, 2025):

Hi @abbas-gheydi, @ramiabdallah1512

Regarding your statement about Fortigate compatibility, when you refer to Fortigate compatible, are you referring to the Message-Authenticator attribute?

I’ve already added the necessary attribute in the project and ensured all the dependencies are updated accordingly. I wanted to share the updates with you here for your consideration.

Here’s the code I have updated:

func AcceptUser(w radius.ResponseWriter, r *radius.Request, stage string) (code radius.Code) {
code = radius.CodeAccessAccept
packet := r.Packet.Response(code)

// Add Message-Authenticator placeholder to the response packet at the first place
placeholder := make([]byte, 16) // 16 bytes of zeros
rfc2869.MessageAuthenticator_Set(packet, placeholder)

if state := rfc2865.State_GetString(r.Packet); state != "" {
rfc2865.State_SetString(packet, state)
}
AddVendorGroup(packet, r)

// DO NOT Add another attribute after Message-Authenticator, it may cause the Message-Authenticator to be invalid
AddMessageAuthenticator(packet)

w.Write(packet)
go sendToMonitoring(rfc2865.UserName_GetString(r.Packet), stage, "Accept")

return
}

// Other code goes here...
// The ChallengeUser and RejectUser methods should also be updated in the same way

// AddMessageAuthenticator adds the Message-Authenticator attribute to a RADIUS packet.
// Message-Authenticator = HMAC-MD5 (Type, Identifier, Length, Request Authenticator, Attributes)
func AddMessageAuthenticator(packet *radius.Packet) error {
// Step 1: Set the Message-Authenticator field to zero.
placeholder := make([]byte, 16) // 16 bytes of zeros
err := rfc2869.MessageAuthenticator_Set(packet, placeholder)
if err != nil {
return err
}

// Step 2: Marshal the packet to get the binary representation
b, err := packet.MarshalBinary()
if err != nil {
return err
}

// Step 3: Calculate HMAC-MD5 with the shared secret
mac := hmac.New(md5.New, []byte(RadiusConfigs.Secret))
mac.Write(b)

// Step 4: Get the authenticator (HMAC result)
authenticator := mac.Sum(nil)

// Step 5: Set the Message-Authenticator field
err = rfc2869.MessageAuthenticator_Set(packet, authenticator)
if err != nil {
return err
}

return nil
}
I hope this helps! Maybe I can fork the project and open a PR. Let me know if I can help further.

Thank you for your work on this project.

Dear @Ctere1 , thank you very much for your attention and the time you spent. Please send the PR so we can merge it and other users can benefit from these changes. Thank you.

<!-- gh-comment-id:2613033013 --> @abbas-gheydi commented on GitHub (Jan 24, 2025): > Hi [@abbas-gheydi](https://github.com/abbas-gheydi), [@ramiabdallah1512](https://github.com/ramiabdallah1512) > > Regarding your statement about Fortigate compatibility, when you refer to Fortigate compatible, are you referring to the Message-Authenticator attribute? > > I’ve already added the necessary attribute in the project and ensured all the dependencies are updated accordingly. I wanted to share the updates with you here for your consideration. > > Here’s the code I have updated: > > func AcceptUser(w radius.ResponseWriter, r *radius.Request, stage string) (code radius.Code) { > code = radius.CodeAccessAccept > packet := r.Packet.Response(code) > > // Add Message-Authenticator placeholder to the response packet at the first place > placeholder := make([]byte, 16) // 16 bytes of zeros > rfc2869.MessageAuthenticator_Set(packet, placeholder) > > if state := rfc2865.State_GetString(r.Packet); state != "" { > rfc2865.State_SetString(packet, state) > } > AddVendorGroup(packet, r) > > // DO NOT Add another attribute after Message-Authenticator, it may cause the Message-Authenticator to be invalid > AddMessageAuthenticator(packet) > > w.Write(packet) > go sendToMonitoring(rfc2865.UserName_GetString(r.Packet), stage, "Accept") > > return > } > > > > // Other code goes here... > // The ChallengeUser and RejectUser methods should also be updated in the same way > > > > // AddMessageAuthenticator adds the Message-Authenticator attribute to a RADIUS packet. > // Message-Authenticator = HMAC-MD5 (Type, Identifier, Length, Request Authenticator, Attributes) > func AddMessageAuthenticator(packet *radius.Packet) error { > // Step 1: Set the Message-Authenticator field to zero. > placeholder := make([]byte, 16) // 16 bytes of zeros > err := rfc2869.MessageAuthenticator_Set(packet, placeholder) > if err != nil { > return err > } > > // Step 2: Marshal the packet to get the binary representation > b, err := packet.MarshalBinary() > if err != nil { > return err > } > > // Step 3: Calculate HMAC-MD5 with the shared secret > mac := hmac.New(md5.New, []byte(RadiusConfigs.Secret)) > mac.Write(b) > > // Step 4: Get the authenticator (HMAC result) > authenticator := mac.Sum(nil) > > // Step 5: Set the Message-Authenticator field > err = rfc2869.MessageAuthenticator_Set(packet, authenticator) > if err != nil { > return err > } > > return nil > } > I hope this helps! Maybe I can fork the project and open a PR. Let me know if I can help further. > > Thank you for your work on this project. Dear @Ctere1 , thank you very much for your attention and the time you spent. Please send the PR so we can merge it and other users can benefit from these changes. Thank you.

kerem commented 2026-03-13 14:29:33 +03:00

Author

Owner

Copy link

@Ctere1 commented on GitHub (Jan 24, 2025):

I have just created the PR. Please take a look, and once everything looks good, we can proceed with merging it. Thanks again!

I would like to point out that I renamed the following tables for consistency with the project naming conventions:

• otps → radotp_otps
• webadmin → radotp_webadmin

<!-- gh-comment-id:2613079618 --> @Ctere1 commented on GitHub (Jan 24, 2025): I have just created the [PR](https://github.com/abbas-gheydi/radotp/pull/15). Please take a look, and once everything looks good, we can proceed with merging it. Thanks again! **I would like to point out that I renamed the following tables for consistency with the project naming conventions:** - otps → radotp_otps - webadmin → radotp_webadmin

kerem commented 2026-03-13 14:29:38 +03:00

Author

Owner

Copy link

@Ctere1 commented on GitHub (Jan 24, 2025):

@abbas-gheydi

Additionally, as per the draft-ietf-radext-deprecating-radius, security tracking for RADIUS can be performed by ensuring the proper handling of the Message-Authenticator attribute. This is particularly important in the context of Section 5.3.6. Server Responses to Access-Request, where the correct validation of this attribute is crucial for ensuring secure communication.

Currently, the server does not validate the Message-Authenticator in the incoming packets, which may expose security vulnerabilities. In this PR, I have added the Message-Authenticator attribute to the RADIUS package as the first step to address this issue.

It is important to note that while this PR addresses the Fortigate connection issue by adding the Message-Authenticator attribute, further security measures should still be considered to ensure comprehensive protection.

<!-- gh-comment-id:2613173620 --> @Ctere1 commented on GitHub (Jan 24, 2025): @abbas-gheydi Additionally, as per the [draft-ietf-radext-deprecating-radius](https://datatracker.ietf.org/doc/draft-ietf-radext-deprecating-radius/), security tracking for RADIUS can be performed by ensuring the proper handling of the `Message-Authenticator` attribute. This is particularly important in the context of *Section 5.3.6. Server Responses to Access-Request*, where the correct validation of this attribute is crucial for ensuring secure communication. Currently, the server does <ins>**not**</ins> validate the `Message-Authenticator` in the incoming packets, which may expose security vulnerabilities. In this [PR](https://github.com/abbas-gheydi/radotp/pull/15), I have added the `Message-Authenticator` attribute to the RADIUS package as the first step to address this issue. It is important to note that while this PR addresses the Fortigate connection issue by adding the `Message-Authenticator` attribute, further security measures should still be considered to ensure comprehensive protection.

kerem commented 2026-03-13 14:29:44 +03:00

Author

Owner

Copy link

@abbas-gheydi commented on GitHub (Feb 13, 2025):

Dear @ramiabdallah1512 ,

The issue you mentioned has been resolved in version 2.4.0, which has been released.
To enable this new feature, you can set EnableMessageAuthenticator to true in the radiusd.conf file.

A special thanks to @Ctere1 for help in fixing this issue!

Thank you,

<!-- gh-comment-id:2657186723 --> @abbas-gheydi commented on GitHub (Feb 13, 2025): Dear @ramiabdallah1512 , The issue you mentioned has been resolved in version [2.4.0](https://github.com/abbas-gheydi/radotp/releases/tag/v2.4.0), which has been released. To enable this new feature, you can set `EnableMessageAuthenticator` to true in the `radiusd.conf` file. A special thanks to @Ctere1 for help in fixing this issue! Thank you,

kerem commented 2026-03-13 14:29:49 +03:00

Author

Owner

Copy link

@ramiabdallah1512 commented on GitHub (Mar 11, 2025):

Hello Team, @abbas-gheydi @Ctere1

I would like to extend my heartfelt thanks for your prompt assistance and dedicated efforts. I have just tested the new solution, and I can confirm that it is fully functional with this version.

Thank you so much for your support!

Best regards,

<!-- gh-comment-id:2714945121 --> @ramiabdallah1512 commented on GitHub (Mar 11, 2025): Hello Team, @abbas-gheydi @Ctere1 I would like to extend my heartfelt thanks for your prompt assistance and dedicated efforts. I have just tested the new solution, and I can confirm that it is fully functional with this version. Thank you so much for your support! Best regards,

kerem commented 2026-03-13 14:29:54 +03:00

Author

Owner

Copy link

@Profaustine commented on GitHub (Apr 19, 2025):

Is there a step by step guide to deploy this as a newbie?

<!-- gh-comment-id:2816807932 --> @Profaustine commented on GitHub (Apr 19, 2025): Is there a step by step guide to deploy this as a newbie?

kerem commented 2026-03-13 14:29:59 +03:00

Author

Owner

Copy link

@iamshekoni commented on GitHub (May 6, 2025):

Hello @abbas-gheydi @Ctere1

Thank you for your assistance so far. just installed the 2.4.0 on my test environment successfully but connecting to FortiGate v7.4.7 is giving me "Invalid secret for the server" after inputting correct secret and EnableMessageAuthenticator = true
Please advice on what other change that needs to be made.

Thanks in advance

<!-- gh-comment-id:2855930181 --> @iamshekoni commented on GitHub (May 6, 2025): Hello @abbas-gheydi @Ctere1 Thank you for your assistance so far. just installed the 2.4.0 on my test environment successfully but connecting to FortiGate v7.4.7 is giving me "Invalid secret for the server" after inputting correct secret and EnableMessageAuthenticator = true Please advice on what other change that needs to be made. Thanks in advance

kerem commented 2026-03-13 14:30:04 +03:00

Author

Owner

Copy link

@iamshekoni commented on GitHub (May 6, 2025):

Hello Team, @abbas-gheydi @Ctere1

I would like to extend my heartfelt thanks for your prompt assistance and dedicated efforts. I have just tested the new solution, and I can confirm that it is fully functional with this version.

Thank you so much for your support!

Best regards,

what did you do to make it work. i will appreciate your response

<!-- gh-comment-id:2856584777 --> @iamshekoni commented on GitHub (May 6, 2025): > Hello Team, [@abbas-gheydi](https://github.com/abbas-gheydi) [@Ctere1](https://github.com/Ctere1) > > I would like to extend my heartfelt thanks for your prompt assistance and dedicated efforts. I have just tested the new solution, and I can confirm that it is fully functional with this version. > > Thank you so much for your support! > > Best regards, what did you do to make it work. i will appreciate your response

kerem commented 2026-03-13 14:30:09 +03:00

Author

Owner

Copy link

@iamshekoni commented on GitHub (May 7, 2025):

Dear @ramiabdallah1512 ,

The issue you mentioned has been resolved in version 2.4.0, which has been released. To enable this new feature, you can set EnableMessageAuthenticator to true in the radiusd.conf file.

A special thanks to @Ctere1 for help in fixing this issue!

Thank you,

@abbas-gheydi @Ctere1
Hi, I have downgraded to Fortigate 7.4.6 am still experiencing the same issue "Invalid secret for the server" i have also change the EnableMessageAuthenticator = true in the radiusd.conf file

<!-- gh-comment-id:2858452099 --> @iamshekoni commented on GitHub (May 7, 2025): > Dear [@ramiabdallah1512](https://github.com/ramiabdallah1512) , > > The issue you mentioned has been resolved in version [2.4.0](https://github.com/abbas-gheydi/radotp/releases/tag/v2.4.0), which has been released. To enable this new feature, you can set `EnableMessageAuthenticator` to true in the `radiusd.conf` file. > > A special thanks to [@Ctere1](https://github.com/Ctere1) for help in fixing this issue! > > Thank you, @abbas-gheydi @Ctere1 Hi, I have downgraded to Fortigate 7.4.6 am still experiencing the same issue "Invalid secret for the server" i have also change the EnableMessageAuthenticator = true in the `radiusd.conf` file

kerem commented 2026-03-13 14:30:14 +03:00

Author

Owner

Copy link

@Ctere1 commented on GitHub (May 7, 2025):

@iamshekoni,
Please make sure to specify the authentication method as PAP on the FortiGate . This error can sometimes occur if the authentication method is not properly aligned. Also, ensure that the shared secret configured on both devices matches exactly.

Additionally, try deleting the existing RADIUS user and create a new one from scratch, making sure to re-enter the Secret key carefully.

If the issue persists, check the FortiGate CLI and enable debug logs to get more detailed output for troubleshooting. Fortinet documentation

<!-- gh-comment-id:2858731403 --> @Ctere1 commented on GitHub (May 7, 2025): @iamshekoni, Please make sure to specify the authentication method as PAP on the FortiGate . This error can sometimes occur if the authentication method is not properly aligned. Also, ensure that the shared secret configured on both devices matches exactly. Additionally, try deleting the existing RADIUS user and create a new one from scratch, making sure to re-enter the Secret key carefully. If the issue persists, check the FortiGate CLI and enable debug logs to get more detailed output for troubleshooting. [Fortinet documentation](https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-How-to-test-FortiGate-s-radius-user/ta-p/198406)

kerem commented 2026-03-13 14:30:19 +03:00

Author

Owner

Copy link

@iamshekoni commented on GitHub (May 7, 2025):

@iamshekoni, Please make sure to specify the authentication method as PAP on the FortiGate . This error can sometimes occur if the authentication method is not properly aligned. Also, ensure that the shared secret configured on both devices matches exactly.

Additionally, try deleting the existing RADIUS user and create a new one from scratch, making sure to re-enter the Secret key carefully.

If the issue persists, check the FortiGate CLI and enable debug logs to get more detailed output for troubleshooting. Fortinet documentation

@Ctere1
Thank you for the response. Changed it to PAP as advised and ensured the secret is same on both sides, I have also recreated too, Blow is the image

<!-- gh-comment-id:2858828960 --> @iamshekoni commented on GitHub (May 7, 2025): > [@iamshekoni](https://github.com/iamshekoni), Please make sure to specify the authentication method as PAP on the FortiGate . This error can sometimes occur if the authentication method is not properly aligned. Also, ensure that the shared secret configured on both devices matches exactly. > > Additionally, try deleting the existing RADIUS user and create a new one from scratch, making sure to re-enter the Secret key carefully. > > If the issue persists, check the FortiGate CLI and enable debug logs to get more detailed output for troubleshooting. [Fortinet documentation](https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-How-to-test-FortiGate-s-radius-user/ta-p/198406) @Ctere1 Thank you for the response. Changed it to PAP as advised and ensured the secret is same on both sides, I have also recreated too, Blow is the image  

kerem commented 2026-03-13 14:30:24 +03:00

Author

Owner

Copy link

@Ctere1 commented on GitHub (May 7, 2025):

You might also want to try replacing 0.0.0.0 with the actual IP address of the RADIUS server in the listen configuration.

While 0.0.0.0 allows the server to listen on all interfaces, explicitly binding to the server’s real IP can improve stability—especially if FortiGate is configured to connect to a specific IP. This helps avoid any ambiguity and ensures the RADIUS service is reachable on the correct interface.

<!-- gh-comment-id:2858849383 --> @Ctere1 commented on GitHub (May 7, 2025): You might also want to try replacing 0.0.0.0 with the actual IP address of the RADIUS server in the listen configuration. While 0.0.0.0 allows the server to listen on all interfaces, explicitly binding to the server’s real IP can improve stability—especially if FortiGate is configured to connect to a specific IP. This helps avoid any ambiguity and ensures the RADIUS service is reachable on the correct interface.

kerem commented 2026-03-13 14:30:30 +03:00

Author

Owner

Copy link

@abbas-gheydi commented on GitHub (May 7, 2025):

Also, I recommend restarting the radotp container after applying configuration changes to ensure they take effect

<!-- gh-comment-id:2858878015 --> @abbas-gheydi commented on GitHub (May 7, 2025): Also, I recommend restarting the `radotp` container after applying configuration changes to ensure they take effect

kerem commented 2026-03-13 14:30:35 +03:00

Author

Owner

Copy link

@iamshekoni commented on GitHub (May 7, 2025):

@Ctere1
Appreciate your prompt response after changing the 0.0.0.0 on the actual server IP address of the RADIUS radotp config file and restarting the server

the docker container refuse to start

once change back to 0.0.0.0:1812

The docker service runs

<!-- gh-comment-id:2858884830 --> @iamshekoni commented on GitHub (May 7, 2025): @Ctere1 Appreciate your prompt response after changing the 0.0.0.0 on the actual server IP address of the RADIUS radotp config file and restarting the server  the docker container refuse to start  once change back to 0.0.0.0:1812 The docker service runs

kerem commented 2026-03-13 14:30:40 +03:00

Author

Owner

Copy link

@ramiabdallah1512 commented on GitHub (May 7, 2025):

Hello, can you share the RADIUS configuration?

Le mer. 7 mai 2025, 16:47, iamshekoni @.***> a écrit :

iamshekoni left a comment (abbas-gheydi/radotp#14)
https://github.com/abbas-gheydi/radotp/issues/14#issuecomment-2858884830

@Ctere1 https://github.com/Ctere1
Appreciate your prompt response after changing the 0.0.0.0 on the actual
server IP address of the RADIUS radotp config file and restarting the server

image.png (view on web)
https://github.com/user-attachments/assets/d315be1f-7349-4a11-ba9a-7475267f5bdb

the docker container refuse to start

image.png (view on web)
https://github.com/user-attachments/assets/693852e6-50ed-49d1-826b-ba4f0e705595

—
Reply to this email directly, view it on GitHub
https://github.com/abbas-gheydi/radotp/issues/14#issuecomment-2858884830,
or unsubscribe
https://github.com/notifications/unsubscribe-auth/BGMZRFU3AMI5OQ5O622NQGD25IMG3AVCNFSM6AAAAABU3T6UY6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDQNJYHA4DIOBTGA
.
You are receiving this because you were mentioned.Message ID:
@.***>

<!-- gh-comment-id:2858897768 --> @ramiabdallah1512 commented on GitHub (May 7, 2025): Hello, can you share the RADIUS configuration? Le mer. 7 mai 2025, 16:47, iamshekoni ***@***.***> a écrit : > *iamshekoni* left a comment (abbas-gheydi/radotp#14) > <https://github.com/abbas-gheydi/radotp/issues/14#issuecomment-2858884830> > > @Ctere1 <https://github.com/Ctere1> > Appreciate your prompt response after changing the 0.0.0.0 on the actual > server IP address of the RADIUS radotp config file and restarting the server > > image.png (view on web) > <https://github.com/user-attachments/assets/d315be1f-7349-4a11-ba9a-7475267f5bdb> > > the docker container refuse to start > > image.png (view on web) > <https://github.com/user-attachments/assets/693852e6-50ed-49d1-826b-ba4f0e705595> > > — > Reply to this email directly, view it on GitHub > <https://github.com/abbas-gheydi/radotp/issues/14#issuecomment-2858884830>, > or unsubscribe > <https://github.com/notifications/unsubscribe-auth/BGMZRFU3AMI5OQ5O622NQGD25IMG3AVCNFSM6AAAAABU3T6UY6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDQNJYHA4DIOBTGA> > . > You are receiving this because you were mentioned.Message ID: > ***@***.***> >

kerem commented 2026-03-13 14:30:45 +03:00

Author

Owner

Copy link

@iamshekoni commented on GitHub (May 7, 2025):

Hello, can you share the RADIUS configuration?

Le mer. 7 mai 2025, 16:47, iamshekoni @.***> a écrit :
…

iamshekoni left a comment (abbas-gheydi/radotp#14)
<#14 (comment)>

@Ctere1 https://github.com/Ctere1
Appreciate your prompt response after changing the 0.0.0.0 on the actual
server IP address of the RADIUS radotp config file and restarting the server

image.png (view on web)
https://github.com/user-attachments/assets/d315be1f-7349-4a11-ba9a-7475267f5bdb

the docker container refuse to start

image.png (view on web)
https://github.com/user-attachments/assets/693852e6-50ed-49d1-826b-ba4f0e705595

—
Reply to this email directly, view it on GitHub
<#14 (comment)>,
or unsubscribe
https://github.com/notifications/unsubscribe-auth/BGMZRFU3AMI5OQ5O622NQGD25IMG3AVCNFSM6AAAAABU3T6UY6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDQNJYHA4DIOBTGA
.
You are receiving this because you were mentioned.Message ID:
@.***>

<!-- gh-comment-id:2858905222 --> @iamshekoni commented on GitHub (May 7, 2025): > Hello, can you share the RADIUS configuration? > > Le mer. 7 mai 2025, 16:47, iamshekoni ***@***.***> a écrit : > […](#) > > *iamshekoni* left a comment ([abbas-gheydi/radotp#14](https://github.com/abbas-gheydi/radotp/issues/14)) > <[#14 (comment)](https://github.com/abbas-gheydi/radotp/issues/14#issuecomment-2858884830)> > > [@Ctere1](https://github.com/Ctere1) <https://github.com/Ctere1> > Appreciate your prompt response after changing the 0.0.0.0 on the actual > server IP address of the RADIUS radotp config file and restarting the server > > image.png (view on web) > <https://github.com/user-attachments/assets/d315be1f-7349-4a11-ba9a-7475267f5bdb> > > the docker container refuse to start > > image.png (view on web) > <https://github.com/user-attachments/assets/693852e6-50ed-49d1-826b-ba4f0e705595> > > — > Reply to this email directly, view it on GitHub > <[#14 (comment)](https://github.com/abbas-gheydi/radotp/issues/14#issuecomment-2858884830)>, > or unsubscribe > <https://github.com/notifications/unsubscribe-auth/BGMZRFU3AMI5OQ5O622NQGD25IMG3AVCNFSM6AAAAABU3T6UY6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDQNJYHA4DIOBTGA> > . > You are receiving this because you were mentioned.Message ID: > ***@***.***> 

kerem commented 2026-03-13 14:30:50 +03:00

Author

Owner

Copy link

@abbas-gheydi commented on GitHub (May 7, 2025):

According to the screenshot, you are using version 2.3.0. Please upgrade the radotp image to version 2.4.0

<!-- gh-comment-id:2858909401 --> @abbas-gheydi commented on GitHub (May 7, 2025): According to the screenshot, you are using version 2.3.0. Please upgrade the `radotp` image to version 2.4.0

kerem commented 2026-03-13 14:30:55 +03:00

Author

Owner

Copy link

@iamshekoni commented on GitHub (May 7, 2025):

According to the screenshot, you are using version 2.3.0. Please upgrade the radotp image to version 2.4.0

Thanks @abbas-gheydi i downloaded it from the below page

<!-- gh-comment-id:2858930337 --> @iamshekoni commented on GitHub (May 7, 2025): > According to the screenshot, you are using version 2.3.0. Please upgrade the `radotp` image to version 2.4.0 Thanks @abbas-gheydi i downloaded it from the below page 

kerem commented 2026-03-13 14:31:00 +03:00

Author

Owner

Copy link

@iamshekoni commented on GitHub (May 7, 2025):

@abbas-gheydi please how can i upgrade the image to 2.4

<!-- gh-comment-id:2858940848 --> @iamshekoni commented on GitHub (May 7, 2025): @abbas-gheydi please how can i upgrade the image to 2.4

kerem commented 2026-03-13 14:31:05 +03:00

Author

Owner

Copy link

@abbas-gheydi commented on GitHub (May 7, 2025):

In the docker-compose.yaml file, please ensure this line is set to version 2.4.0:

radotp:
  image: ghcr.io/abbas-gheydi/radotp:2.4.0

After making this change, run the following commands:

docker-compose pull
docker-compose down
docker-compose up -d
or maybe
docker-compose up -d --force-recreate radotp

<!-- gh-comment-id:2858996526 --> @abbas-gheydi commented on GitHub (May 7, 2025): In the docker-compose.yaml file, please ensure this line is set to version 2.4.0: ```yaml radotp: image: ghcr.io/abbas-gheydi/radotp:2.4.0 ``` After making this change, run the following commands: docker-compose pull docker-compose down docker-compose up -d or maybe docker-compose up -d --force-recreate radotp

kerem commented 2026-03-13 14:31:10 +03:00

Author

Owner

Copy link

@iamshekoni commented on GitHub (May 7, 2025):

In the docker-compose.yaml file, please ensure this line is set to version 2.4.0:

radotp:
image: ghcr.io/abbas-gheydi/radotp:2.4.0
After making this change, run the following commands:

docker-compose pull docker-compose down docker-compose up -d or maybe docker-compose up -d --force-recreate radotp

@abbas-gheydi Thanks it worked

<!-- gh-comment-id:2859059371 --> @iamshekoni commented on GitHub (May 7, 2025): > In the docker-compose.yaml file, please ensure this line is set to version 2.4.0: > > radotp: > image: ghcr.io/abbas-gheydi/radotp:2.4.0 > After making this change, run the following commands: > > docker-compose pull docker-compose down docker-compose up -d or maybe docker-compose up -d --force-recreate radotp @abbas-gheydi Thanks it worked

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

v2.4.0

v2.3.0

v2.2.0

v2.1.1

v2.1.0

v2.0.1

v2.0.0

v1.0.0

Labels

Clear labels   

pull-request

Mirrored from GitHub Pull Request

No labels

pull-request

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/radotp#10

No description provided.