Re: Error: Ignoring request from unknown client IP:1645

Tue, 13 Feb 2007 04:14:49 -0800 

Il giorno mar, 13/02/2007 alle 11.59 +0000, [EMAIL PROTECTED] ha
scritto:
> Hi,
> 
> > client localhost {
> >     secret = 181180
> >     shortname = localhost
> >     nastype = other
> > }
> > 
> > client 192.168.0.1 {
> >     secret = 181180
> >     shortname = testcisco
> >     nastype = cisco
> > }
> > 
> 
> those look fine. have you actually tried a 'radtest' on the local server
> to check all is well?  eg put the following into your 'users' file
> 
> testuser01  Auth-Type:=Local, User-Password=="ehwtehi"
> 
> 
> restart radiusd process then do
> 
> radtest testuser01 ehwtehi localhost 1812 181180

Ok just after this test i have 

after many tries "Re-Sending Access-Request ..."

radclient: no response from server for ID 250

This without any change to the radiusd.conf Now I will make all the
modifications you suggested and send you the results.
I'm not proxying.
The freeradius version is 1.0.1
 
> 
> 
> 
> this is pure and simple PAP authentication at its best.
> 
> 
> 
> > ## radiusd.conf     -- FreeRADIUS server configuration file.
> 
> which version of freeradius? this config is a bit crusty for a 1.x
> install
> 
> change the following parts
> 
> 
> #bind_address = *
> #port = 0
> 
> listen {
>       #  IP address on which to listen.
>       #  Allowed values are:
>       #       dotted quad (1.2.3.4)
>       #       hostname    (radius.example.com)
>       #       wildcard    (*)
>       ipaddr = *
>  
>       #  Port on which to listen.
>       #  Allowed values are:
>       #       integer port number (1812)
>       #       0 means "use /etc/services for the proper port"
>       port = 1645
>  
>       #  Type of packets to listen for.
>       #  Allowed values are:
>       #       auth    listen for authentication packets
>       #       acct    listen for accounting packets
>       #
>       type = auth
> }
> 
> this uses the 1.x listen directive. i've also changed the port to 1645 - as 
> you say your
> cisco is expecting this port!
> 
> > proxy_requests  = yes
> > $INCLUDE  ${confdir}/proxy.conf
> 
> are you proxying? you didnt say so. you should set this to no(!)
> 
> >     #  Supports multiple encryption schemes
> >     #  clear: Clear text
> >     #  crypt: Unix crypt
> >     #    md5: MD5 ecnryption
> >     #   sha1: SHA1 encryption.
> >     #  DEFAULT: crypt
> >     pap {
> >             encryption_scheme = crypt
> >     }
> 
> to do the radtest I mentioned above, this value needs to be 'clear'
> 
> you a crypted version of that password if you wish to use 'crypt'
> 
> 
> as for all the rest. if you arent using it. comment it out.
> 
> alan
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to