When testing the Radius Validation server from the Enterprise Gateway, we can get a successful login using vsradiusclient_test; however, when we test from a client box, the login fails.
ERROR "2018-01-25 23:09:32.341 GMT0000" 0.0.0.0 VIP-Linux:1815 0 18530 "text=Error 18530 occurred at VSValidationServer.cpp:851. Description: VSValidationServer._receiveRequest() -- Invalid request received - -1" Thread-992 VSValidationServer.cpp
The customer had UDP high ports closed on the firewall outbound from the Enterprise Gateway (EGW); inbound ports were open.
The Radius client always chooses a random UDP port to communicate with the Radius server. The Radius request originates from a high port XXX (which is random) on the client and goes to port 1815 on the Enterprise Gateway server (or whichever port is configured on the Radius server). The Enterprise Gateway (Radius) server sends its response from port 1815 back to the client on the same originating port XXX.
Since Radius is only internal, we recommend allowing all outbound UDP traffic from the Enterprise Gateway to the originating client.
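The port flow above can be modelled as a small packet-filter evaluation. This is an added example, not code from the product or the original article; it assumes a stateless, first-match, default-deny filter, and the IP addresses, rule format and function names are constructed for illustration.

```python
# Added illustration: stateless, first-match, default-deny filter as seen
# from the Enterprise Gateway (EGW). Addresses are constructed (RFC 5737).
from collections import namedtuple
import random

Packet = namedtuple("Packet", "direction proto src_ip src_port dst_ip dst_port")
Rule = namedtuple("Rule", "direction proto dst_ports action")  # hypothetical format

EGW_IP = "192.0.2.10"      # constructed
CLIENT_IP = "192.0.2.50"   # constructed
RADIUS_PORT = 1815         # validation server port named in the article
ALL_PORTS = range(0, 65536)
HIGH_PORTS = range(1024, 65536)

def allowed(rules, pkt):
    """First matching rule wins; no match means the packet is dropped."""
    for r in rules:
        if (r.direction == pkt.direction and r.proto == pkt.proto
                and pkt.dst_port in r.dst_ports):
            return r.action == "allow"
    return False

def radius_exchange(rules, client_port):
    """Return (request_delivered, response_delivered) for one client port."""
    request = Packet("in", "udp", CLIENT_IP, client_port, EGW_IP, RADIUS_PORT)
    # The reply reverses the tuple: from 1815 back to the client's source port.
    response = Packet("out", "udp", EGW_IP, RADIUS_PORT, CLIENT_IP, client_port)
    req_ok = allowed(rules, request)
    return req_ok, req_ok and allowed(rules, response)

# Situation in the article: inbound open, outbound UDP high ports closed.
BLOCKING = [
    Rule("in", "udp", range(RADIUS_PORT, RADIUS_PORT + 1), "allow"),
    Rule("out", "udp", HIGH_PORTS, "deny"),
]
# Recommendation in the article: allow outbound UDP from the EGW.
RECOMMENDED = [
    Rule("in", "udp", range(RADIUS_PORT, RADIUS_PORT + 1), "allow"),
    Rule("out", "udp", ALL_PORTS, "allow"),
]

if __name__ == "__main__":
    port = random.randint(49152, 65535)  # stand-in for the client's random port
    print("outbound high ports closed:", radius_exchange(BLOCKING, port))
    print("outbound UDP allowed      :", radius_exchange(RECOMMENDED, port))
```

With the blocking rule set the request reaches port 1815 but the reply to the client's random source port is dropped, so the client sees a failure even though the inbound rule is correct.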