kevin wrote: > What I didn't realize nor think of, is that I could run radtest against > the debug run. Every reference to debug mode simply indicated to run in > debug, check if there were errors, and the ctrl-X and run freeradius > again in standard mode.
The intent of the debug output is to run *all* of your tests with debugging output on. Otherwise, you're running tests where you completely ignore the output of the server. > So I ran freeradius in debug mode an then ssh'd into the server again in > another instance. Ran radtest again and found these output results: > >> rad_recv: Access-Request packet from host 192.168.3.199:41953, id=15, >> length=56 >> Ignoring request from unknown client 192.168.3.199:41953 >> --- Walking the entire request list --- >> Nothing to do. Sleeping until we see a request. > > unh-hunh... FR was getting the request, and IGNORING IT... That's how RADIUS works. It accepts requests only from known client. > so the > client never knew that FR had received the request. Great for security > (looks like the port was closed), so that pointed me in the wrong > direction, thinking it wasn't open or getting requests. Again, you spent a lot of time verifying that the client was sending packets You didn't validate that the server was *receiving* the packets. > Anyhow, I changed the clients.conf to include the external IP of the > server, ran the test again, and it worked as expected: Exactly. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
