Hello Team,

I am trying for Radius configuration and I have followed the below steps but I am facing the below error 

The steps we have followed are as follows:

1. Configured MMFA in ISVA with 2 different reverse proxies (1 for browser and 1 for mobile).
2. Configured IBM Verify Gateway for RADIUS in ISVA (including SMTP server details).
3. Definition and OAuth client created under AAC->OpenID Connect and API Protection.
4. Updated the host file of ISVA with all included server details.
5. Configured IBM Verify Gateway on both reverse proxies as a junction through AAC and Federation Management.
6. Installed IBM Security Verify Gateway for RADIUS on a client machine.
7. Edited the IBMRadiusConfig.json file with the details required of ISVA as well as the client.
8. Created obf shared secret using cmd and used in the IBMRadiusConfig.json file.
9. Started the IBM Security Verify Gateway for RADIUS service on a client machine.
10. Used NTRadPing to test RADIUS service. Tested the RADIUS request by filling in the details of the RADIUS server (client machine where IBM Security Verify Gateway for RADIUS is installed) and user credentials in NTRadPing.
11. Error occurred as Access-Reject.
12. Checked the Event Viewer for troubleshooting and the below error message was displayed:
    1. The IBM Auth API function ibm_auth_hdl_acquire() failed with error 135: Failed to POST to 'https://isva.inspiraad.com:443/v1.0/endpoint/default/token" title="https://isva.inspiraad.com/v1.0/endpoint/default/token" href="https://isva.inspiraad.com:443/v1.0/endpoint/default/token" rel="noreferrer noopener" target="_blank" class="fui-Link ___10kug0w f3rmtva f1ewtqcl fyind8e f1k6fduh f1w7gpdv fk6fouc fjoy568 figsok6 f1hu3pq6 f11qmguv f19f4twv f1tyq0we f1g0x7ka fhxju0i f1qch9an f1cnd47f fqv5qza f1vmzxwi f1o700av f13mvf36 f1cmlufx f9n3di6 f1ids18y f1tx3yz7 f1deo86v f1eh06m1 f1iescvh fhgqx19 f1olyrje f1p93eir f1nev41a f1h8hb77 f1lqvz6u f10aw75t fsle3fq f17ae5zn" style="background-color: #000000; color: #000000">https://:443/v60: 'SSL peer certificate or SSH remote key was not OK'.
13. Installed the ISVA SSL certificate on a client machine in Trusted Root Certificates, but the error is still the same.
14. Also verified that the SSL certificate is valid.
15. I have also checked the above URL with both GET and POST methods through Postman and it is showing the "Status 200 OK".
16. Attached is the IBMRadiusConfig.json file, screenshots of the NTRadping error, and Event Viewer error.
17. I am still troubleshooting this error in my environment.
18. Below are the resources we have referred to for this configuration:
    1. https://community.ibm.com/community/user/security/blogs/yves-debeer/2023/03/15/openvpn-with-radius-and-multi-factor-authenticatio" title="https://community.ibm.com/community/user/security/blogs/yves-debeer/2023/03/15/openvpn-with-radius-and-multi-factor-authenticatio" href="https://community.ibm.com/community/user/security/blogs/yves-debeer/2023/03/15/openvpn-with-radius-and-multi-factor-authenticatio" rel="noreferrer noopener" target="_blank" class="fui-Link ___10kug0w f3rmtva f1ewtqcl fyind8e f1k6fduh f1w7gpdv fk6fouc fjoy568 figsok6 f1hu3pq6 f11qmguv f19f4twv f1tyq0we f1g0x7ka fhxju0i f1qch9an f1cnd47f fqv5qza f1vmzxwi f1o700av f13mvf36 f1cmlufx f9n3di6 f1ids18y f1tx3yz7 f1deo86v f1eh06m1 f1iescvh fhgqx19 f1olyrje f1p93eir f1nev41a f1h8hb77 f1lqvz6u f10aw75t fsle3fq f17ae5zn">https://community.ibm.com/community/user/security/blogs/yves-debeer/2023/03/15/openvpn-with-radius-and-multi-factor-authenticatio

Can you please guide me to where I am making the mistake?

Thanks & Regards

------------------------------
shivsantosh patil
------------------------------