How to route inbound requests to AM “RADIUS Server” on a CDK/AKS Deployment?

This topic has 2 replies, 2 voices, and was last updated 1 year, 1 month ago by mockykid.

  • Author
  • #28711

    I have successfully deployed ForgeRock (CDK) on Azure and have enabled the RADIUS server per the instructions HERE. That was the easy part…

    I now can’t figure out how to test this and where to send my RADIUS requests (udp/1812) so that it actually hits the AM RADIUS service? Is there any documented procedure or script to configure this? Can I modify the same ingress gateway (and leverage the same externally accessible DNS alias) or do I need to set up a new public IP for this use case?

    Thanks in advance for any guidance…note that this is for lab testing only at this stage so any “quick hacks” are extremely welcome. :)

     Warren Strange

    You will want to create a Kubernetes service of type “LoadBalancer” that targets the AM backend/port. This will give you an external TCP IP address that routes all TCP (including UDP) to that AM port.


    Thanks!!! This helped immensely – I created a Kubernetes “LoadBalancer” service for RADIUS on udp/1812 and all looks good on the Azure side (public IP and ingress forwarding rule as expected), and on the Kubernetes the service correctly points to the backend AM port. A single command appeared to have resolved this!!!

    Having said that – my RADIUS requests are timing out with no response from the server…

    Where do I enable and access the RADIUS debugging logs on the AM server, and how do I map RADIUS requests to a specific journey that I’ve configured in the ForgeRock GUI?

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?