Sorry I forgot to ask for the authorize section which is the most important part.
Fed On Fri, Dec 7, 2018 at 1:53 PM Yash Jipkate <[email protected]> wrote: > These are the sections from sites-enabled/default: > > - authenticate > authenticate {} > > - post-auth > post-auth { > update control { &REST-HTTP-Header += "${...api_token_header}" } > rest > > Post-Auth-Type REJECT { > update control { &REST-HTTP-Header += > "${....api_token_header}" } > rest > } > } > > > - accounting > accounting { > update control { &REST-HTTP-Header += "${...api_token_header}" } > rest > } > > > - preacct > preacct { > preprocess > > # > # Merge Acct-[Input|Output]-Gigawords and Acct-[Input-Output]-Octets > # into a single 64bit counter Acct-[Input|Output]-Octets64. > # > # acct_counters64 > > # > # Session start times are *implied* in RADIUS. > # The NAS never sends a "start time". Instead, it sends > # a start packet, *possibly* with an Acct-Delay-Time. > # The server is supposed to conclude that the start time > # was "Acct-Delay-Time" seconds in the past. > # > # The code below creates an explicit start time, which can > # then be used in other modules. It will be *mostly* correct. > # Any errors are due to the 1-second resolution of RADIUS, > # and the possibility that the time on the NAS may be off. > # > # The start time is: NOW - delay - session_length > # > > # update request { > # &FreeRADIUS-Acct-Session-Start-Time = "%{expr: %l - > %{%{Acct-Session-Time}:-0} - %{%{Acct-Delay-Time}:-0}}" > # } > > > # > # Ensure that we have a semi-unique identifier for every > # request, and many NAS boxes are broken. > acct_unique > > # > # Look for IPASS-style 'realm/', and if not found, look for > # '@realm', and decide whether or not to proxy, based on > # that. > # > # Accounting requests are generally proxied to the same > # home server as authentication requests. > # IPASS > suffix > # ntdomain > > # > # Read the 'acct_users' file > files > } > > > > On Friday, December 7, 2018 at 5:53:02 PM UTC+5:30, Federico Capoano wrote: > >> Could you share the following sections of your config? >> >> - authenticate >> - post-auth >> - accounting >> - preacct >> >> >> >> On Fri, Dec 7, 2018 at 1:02 PM Yash Jipkate <[email protected]> wrote: >> >>> No, I just followed the docs. Am I missing something in the config files? >>> >>> Thanks >>> >>> >>> On Friday, December 7, 2018 at 5:26:01 PM UTC+5:30, Federico Capoano >>> wrote: >>> >>>> That's a configuration issue related to "eap". Are you trying to >>>> configure EAP? >>>> >>>> Fed >>>> >>>> On Fri, Dec 7, 2018 at 11:55 AM Yash Jipkate <[email protected]> >>>> wrote: >>>> >>> Thanks Federico, >>>>> >>>>> The server is a development one and I have specified the port >>>>> in /etc/freeradius/mods-enabled/rest file. Although I have changed it back >>>>> to 8000 after you pointed out but still no effect. >>>>> >>>>> Is freeradius sitting on the same host where >>>>>> django-freeradius/openwisp-radius is installed? >>>>> >>>>> >>>>> The host is 127.0.0.1 as specified in my >>>>> /etc/freeradius/mods-enabled/rest file and I have followed the >>>>> instructions >>>>> as in the docs as a root user. >>>>> >>>>> I tried purging and reinstalling freeradius and ended up with a new >>>>> error >>>>> >>>>> Dec 07 16:18:04 thejedicode-inspiron-5558o freeradius[24760]: rlm_sql >>>>> (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked >>>>> Dec 07 16:18:04 thejedicode-inspiron-5558o freeradius[24760]: Creating >>>>> attribute SQL-Group >>>>> Dec 07 16:18:04 thejedicode-inspiron-5558o freeradius[24760]: Unable >>>>> to check file "/etc/freeradius/certs/dh": No such file or directory >>>>> Dec 07 16:18:04 thejedicode-inspiron-5558o freeradius[24760]: >>>>> rlm_eap_tls: Failed initializing SSL context >>>>> Dec 07 16:18:04 thejedicode-inspiron-5558o freeradius[24760]: rlm_eap >>>>> (EAP): Failed to initialise rlm_eap_tls >>>>> Dec 07 16:18:04 thejedicode-inspiron-5558o freeradius[24760]: >>>>> /etc/freeradius/mods-enabled/eap[14]: Instantiation failed for module >>>>> "eap" >>>>> Dec 07 16:18:04 thejedicode-inspiron-5558o systemd[1]: >>>>> freeradius.service: Control process exited, code=exited status=1 >>>>> Dec 07 16:18:04 thejedicode-inspiron-5558o systemd[1]: Failed to start >>>>> FreeRADIUS multi-protocol policy server. >>>>> -- Subject: Unit freeradius.service has failed >>>>> >>>>> Any idea of how it got here? >>>>> >>>>> On Friday, December 7, 2018 at 2:21:19 PM UTC+5:30, Federico Capoano >>>>> wrote: >>>>>> >>>>>> As the log says, freeradius is trying to reac http://127.0.0.1:8007, >>>>>> this fails and hence it halts. To fix it you must ensure it can connect. >>>>>> >>>>> >>>>> >>>>> Is freeradius sitting on the same host where >>>>>> django-freeradius/openwisp-radius is installed? Is this a production or >>>>>> development environment? >>>>>> >>>>>> If it's a production environment, the URL http://127.0.0.1:8007 is >>>>>> likely wrong. >>>>>> If it's a development environment, either the development server is >>>>>> not started, or maybe is just because unless you changed the port of the >>>>>> development server, the port is 8000, so the URL should be >>>>>> http://127.0.0.1:8000 >>>>>> >>>>>> I hope it helps >>>>>> Federico >>>>>> >>>>>> >>>>>> On Friday, December 7, 2018 at 4:49:02 AM UTC+1, Yash Jipkate wrote: >>>>>>> >>>>>>> Hello, >>>>>>> >>>>>>> I am currently started to work on the django-freeradius project. I >>>>>>> am facing some problems in setting up the freeradius server... >>>>>>> >>>>>>> when I run >>>>>>> journalctl -xe >>>>>>> >>>>>>> >>>>>>> the output I get is: >>>>>>> >>>>>>> Dec 07 08:55:18 thejedicode-inspiron-5558o freeradius[10549]: >>>>>>> [/etc/freeradius/mods-config/attr_filter/access_reject]:11 Check item >>>>>>> "FreeRADIUS-Response-Delay-USec" >>>>>>> Dec 07 08:55:18 thejedicode-inspiron-5558o freeradius[10549]: >>>>>>> rlm_mschap (mschap): using internal authentication >>>>>>> Dec 07 08:55:18 thejedicode-inspiron-5558o freeradius[10549]: >>>>>>> rlm_sql_mysql: libmysql version: 5.7.24 >>>>>>> Dec 07 08:55:18 thejedicode-inspiron-5558o freeradius[10549]: >>>>>>> rlm_sql (sql): Attempting to connect to database "radius" >>>>>>> Dec 07 08:55:18 thejedicode-inspiron-5558o freeradius[10549]: >>>>>>> rlm_sql (sql): Initialising connection pool >>>>>>> Dec 07 08:55:18 thejedicode-inspiron-5558o freeradius[10549]: >>>>>>> Ignoring "ldap" (see raddb/mods-available/README.rst) >>>>>>> Dec 07 08:55:18 thejedicode-inspiron-5558o freeradius[10549]: # >>>>>>> Skipping contents of 'if' as it is always 'false' -- >>>>>>> /etc/freeradius/sites-enabled/inner-tunnel:331 >>>>>>> Dec 07 08:55:18 thejedicode-inspiron-5558o freeradius[10549]: >>>>>>> radiusd: #### Skipping IP addresses and Ports #### >>>>>>> Dec 07 08:55:18 thejedicode-inspiron-5558o freeradius[10549]: >>>>>>> Configuration appears to be OK >>>>>>> Dec 07 08:55:18 thejedicode-inspiron-5558o freeradius[10549]: >>>>>>> rlm_rest (rest): Removing connection pool >>>>>>> Dec 07 08:55:18 thejedicode-inspiron-5558o freeradius[10549]: >>>>>>> rlm_sql (sql): Removing connection pool >>>>>>> Dec 07 08:55:18 thejedicode-inspiron-5558o systemd[1]: >>>>>>> freeradius.service: Control process exited, code=exited status=1 >>>>>>> Dec 07 08:55:18 thejedicode-inspiron-5558o systemd[1]: Failed to >>>>>>> start FreeRADIUS multi-protocol policy server. >>>>>>> -- Subject: Unit freeradius.service has failed >>>>>>> -- Defined-By: systemd >>>>>>> -- Support: >>>>>>> http://lists.freedesktop.org/mailman/listinfo/systemd-devel >>>>>>> -- >>>>>>> -- Unit freeradius.service has failed. >>>>>>> -- >>>>>>> -- The result is failed. >>>>>>> Dec 07 08:55:18 thejedicode-inspiron-5558o systemd[1]: >>>>>>> freeradius.service: Unit entered failed state. >>>>>>> Dec 07 08:55:18 thejedicode-inspiron-5558o systemd[1]: >>>>>>> freeradius.service: Failed with result 'exit-code'. >>>>>>> >>>>>>> When I run: >>>>>>> >>>>>>> freeradius -X >>>>>>> >>>>>>> I get: >>>>>>> >>>>>>> rlm_rest (rest): Opening additional connection (0), 1 of 32 pending >>>>>>> slots used >>>>>>> rlm_rest (rest): Connecting to "http://127.0.0.1:8007"; >>>>>>> rlm_rest (rest): Connection failed: 7 - Couldn't connect to server >>>>>>> rlm_rest (rest): Opening connection failed (0) >>>>>>> rlm_rest (rest): Removing connection pool >>>>>>> /etc/freeradius/mods-enabled/rest[1]: Instantiation failed for >>>>>>> module "rest" >>>>>>> >>>>>>> I tried to look it up on the internet but cant seem to solve it. >>>>>>> >>>>>>> Any help is appreciated. Thanks >>>>>>> >>>>>> -- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "OpenWISP" group. >>>>> >>>> To unsubscribe from this group and stop receiving emails from it, send >>>>> an email to [email protected]. >>>> >>>> >>>>> For more options, visit https://groups.google.com/d/optout. >>>>> >>>> -- >>> You received this message because you are subscribed to the Google >>> Groups "OpenWISP" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> For more options, visit https://groups.google.com/d/optout. >>> >> -- > You received this message because you are subscribed to the Google Groups > "OpenWISP" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "OpenWISP" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
