How to do tcpdump for APM AAA authentication?

Question

Hi, i need some advice.
I've setup an APM for the OTP authentication with Radius server. From the APM logs, i do received the Access-Reject packet from Radius module. 
/Common/DEV:Common:b1d4b3bc: RADIUS module: authentication with 'ACB123' failed: Access-Reject packet from host 127.7.0.3:1812 (3)

But from my counterpart, the Radius team said from their packet trace they don't received any Access-Request packet from F5.
How can i apply tcpdump or anyway to find out which host is replying the Access-Reject packet from Radius? Because APM log above didn't tell the actual IP where i want to prove to the Radius team the Access-Reject packet is coming from their end.
Pls share me the commands, thanks.

niels_van_sluis · Answer

Something like this:
tcpdump -enni 0.0:nnn udp port 1812 or udp port 1645

david_gill · Answer

Don't forget to ensure you have the proper routing in place to reach your Radius server.&nbsp;

Forum Discussion

How to do tcpdump for APM AAA authentication?

2 Replies

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

decrypted tcpdump capture without using an iRule and without using tshark

8. SYN Cookie: Troubleshooting tcpdump

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

Decrypting TLS with the tcpdump sslprovider

iControl REST Authentication Token Management

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS