I'm very sorry Alan for replying to your own email address and not on the list. Here it is
Il giorno lun, 12/02/2007 alle 13.35 +0100, Alan DeKok ha scritto: > Davide Molteni wrote: > > > On the cisco I configured: > > radius-server host ipmyradius auth-port 1812 acct-port 1813 > > and the other aaa commands needed > > > > If I look at the radius.log file I always see > > > > Error: Ignoring request from unknown client ipmycisco:1645 > > Did you configure the server to have that IP in "clients.conf"? Sure! With the IP and the same shared key as the cisco NAS client > > > The Cisco router keeps always trying to connect to radius using port > > 1645 even if I specified to use 1812... > > That's a bug in the Cisco router. Yea but is this a problem for freeradius to properly work? I need to set freeradius to listen on 1645 in radiusd.conf? Or I need to change it in /etc/services ? > > > I have tried to configure radius > > server to listen on port 1645 but is the same. > > Listening on port 1645 won't make the server believe that "ipmycisco" > is a known client. Well I know this very well in fact, the client that is ignored is properly configured in clients.conf > > > The microsoft radius integration(server 2003) worked at first try with > > this cisco config... > > Really. Did you configure the Cisco box as a client in the MS RADIUS > server? Yes, sure I had to put in the ms radius the cisco box as a client otherwise it wouldn't work... Please notice that I would like to use this radius for simple PAP ONLY. Maybe I'm doing something wrong with users file? Please tell me the right way to configure a single test user for PAP only. I would like to disable unused modules (ldap,mysql...) It couldn't be a problem of authentication method? I forgot an important element to tell anyone wants to help. I tried to change the shared key on one side (radius) and noticed that log file continue to write again the same error Ignoring request from unknown client IP:1645 So the issue it's due to the fact that cisco client don't exchange shared key with radius... This can halp to focus better the problem? thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
