Any ACL on AP network which might block your debian server IP but not your ubuntu IP?
Schilling On Wed, Apr 27, 2011 at 3:59 PM, John Corps <[email protected]> wrote: > Hello, > I had freeradius setup and running perfectly on an ubuntu test machine and > now I have done the exact same setup and configuration on a new debian > machine with the addition of daloradius for easy configuration by other > members of the team. I am running latest freeradius 2.1.10. The ubuntu > machine was working perfect for mac auth but now this setup is not working. > I try and connect to the WiFi and it always times out. Putting freeradius in > debug mode shows nothing useful, it shows that it's sending the access > accept packet but the connection times out still. Here is a sample debug, if > anyone can be of any assistance it would be great. For reference, I change > my AP back to the ubuntu server to do the radius mac auth and connect to the > wifi and it sends the access accept and connects right away. Maybe I am > missing something here....I don't think its an issue using sql as the ubuntu > machine isn't using sql but if i disable sql and use exact config etc the > time out still occurs. > Ready to process requests. > rad_recv: Access-Request packet from host 192.168.1.55 port 1030, id=0, > length=160 > User-Name = "00-1E-58-F9-A6-94" > User-Password = "NOPASSWORD" > NAS-IP-Address = 192.168.1.55 > Called-Station-Id = "00-20-B0-E6-12-A6:TEST" > Calling-Station-Id = "00-1E-58-F9-A6-94" > NAS-Port-Type = Wireless-802.11 > Connect-Info = "CONNECT 11Mbps 802.11b" > Message-Authenticator = 0x946f027f36890c6b16ec5b4132e8e1d9 > # Executing section authorize from file > /etc/freeradius/sites-enabled/default > +- entering group authorize {...} > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name = "00-1E-58-F9-A6-94", looking up realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] No EAP-Message, not doing EAP > ++[eap] returns noop > ++[files] returns noop > [sql] expand: %{User-Name} -> 00-1E-58-F9-A6-94 > [sql] sql_set_user escaped user --> '00-1E-58-F9-A6-94' > rlm_sql (sql): Reserving sql socket id: 3 > [sql] expand: SELECT id, username, attribute, value, op FROM > radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id > -> SELECT id, username, attribute, value, op FROM radcheck > WHERE username = '00-1E-58-F9-A6-94' ORDER BY id > [sql] User found in radcheck table > [sql] expand: SELECT id, username, attribute, value, op FROM > radreply WHERE username = '%{SQL-User-Name}' ORDER BY id > -> SELECT id, username, attribute, value, op FROM radreply > WHERE username = '00-1E-58-F9-A6-94' ORDER BY id > [sql] expand: SELECT groupname FROM radusergroup WHERE > username = '%{SQL-User-Name}' ORDER BY priority -> SELECT > groupname FROM radusergroup WHERE username = > '00-1E-58-F9-A6-94' ORDER BY priority > rlm_sql (sql): Released sql socket id: 3 > ++[sql] returns ok > ++[expiration] returns noop > ++[logintime] returns noop > [pap] WARNING: Auth-Type already set. Not setting to PAP > ++[pap] returns noop > Found Auth-Type = Accept > Auth-Type = Accept, accepting the user > # Executing section post-auth from file > /etc/freeradius/sites-enabled/default > +- entering group post-auth {...} > [sql] expand: %{User-Name} -> 00-1E-58-F9-A6-94 > [sql] sql_set_user escaped user --> '00-1E-58-F9-A6-94' > [sql] expand: %{User-Password} -> NOPASSWORD > [sql] expand: INSERT INTO radpostauth (username, > pass, reply, authdate) VALUES ( > '%{User-Name}', > '%{%{User-Password}:-%{Chap-Password}}', > '%{reply:Packet-Type}', '%S') -> INSERT INTO radpostauth > (username, pass, reply, authdate) VALUES ( > '00-1E-58-F9-A6-94', > 'NOPASSWORD', 'Access-Accept', '2011-04-27 > 15:33:47') > rlm_sql (sql) in sql_postauth: query is INSERT INTO radpostauth > (username, pass, reply, authdate) > VALUES ( '00-1E-58-F9-A6-94', > 'NOPASSWORD', 'Access-Accept', '2011-04-27 > 15:33:47') > rlm_sql (sql): Reserving sql socket id: 2 > rlm_sql (sql): Released sql socket id: 2 > ++[sql] returns ok > ++[exec] returns noop > Sending Access-Accept of id 0 to 192.168.1.55 port 1030 > Finished request 0. > Going to the next request > Waking up in 4.9 seconds. > rad_recv: Access-Request packet from host 192.168.1.55 port 1030, id=0, > length=160 > Sending duplicate reply to client AP01 port 1030 - ID: 0 > Sending Access-Accept of id 0 to 192.168.1.55 port 1030 > Waking up in 1.9 seconds. > Cleaning up request 0 ID 0 with timestamp +4732 > Ready to process requests. > > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
