Hi Thomas,
if you want to test radius, you have to test on the port 18120
radtest dd9999 Abcd1234 localhost:18120 12 testing123
And to debug, you can kill the radius process and launch:
/usr/sbin/radiusd -d /usr/local/pf/raddb/ -X
Regards
Le 2012-09-26 13:40, Thomas Tsai a écrit :
I've always had an issue getting the freeradius module to work
correctly with packetfence v3.5 with at least 2 iterations of
rebuilding packetfence. (once under centos 5, and now centos 6)
I decided to dust off the covers yesterday to do some serious
troubleshooting by looking at logs.
1)I read the admin guide section for radius. Followed those steps for
local authentication -- nothing fancy with AD auth yet. Lets get the
barebones working.
2)I looked for the radius logs under the following spots:
a./var/log/radius/radius.log
b./usr/local/pf/logs/radius.log
Did a tail on both logs just in case, though all the threads online
suggest the correct log to look at is under /var/log. Couldn't find
any logs that matched my attempts to perform "radtest". Radtest
results as follows:
[server]# radtest username password localhost 12 key
[...]
radclient: no response from server for ID 34 socket 3
So.. doesn't look like the radius server is listening. I did what the
packetfence website suggested. Radiusd --X and I get the following
results:
Failed binding to authentication address * port 1812 as server
packetfence: Address already in use
/etc/raddb/radiusd.conf[27]: Error binding to port for 0.0.0.0 port 1812
So...something is occupying this port already. Let's do a netstat to
confirm...
[server]# netstat -an | grep 1812
udp 0 0 127.0.0.1:18120 0.0.0.0:*
udp 0 0 10.10.10.254:1812 0.0.0.0:*
Yes. Something is listening.
If I stop the packetfence service, I am then able to run radiusd --X
and I am able to perform a radtest with success.
I want to troubleshoot this and get to the bottom of my issue because
I want to use PF for wireless auth with a WLC! But this is a major
hurdle...
Any suggestions?
**********************************************
Email Disclaimer:
This email, including attachments, may contain
proprietary, confidential or privileged information. If you
are not the intended recipient, please (i) do not use,
disclose, save or retransmit this message or any
attachments, (ii) alert the sender by reply email and (iii)
destroy or delete this message and any attachments.
Delivery of this email to a person other than the intended
recipient(s) shall not constitute a waiver of privilege or
confidentiality.
CP Investments, member FINRA and SIPC, serves as
placement agent for investment products advised by
Canyon Capital Advisors LLC. This email is not intended to
be an offer to sell or a solicitation of an offer to buy any
security in any jurisdiction. We review and retain
electronic communications traveling through our network.
**********************************************
------------------------------------------------------------------------------
How fast is your code?
3 out of 4 devs don\\\'t know how their code performs in production.
Find out how slow your code is with AppDynamics Lite.
http://ad.doubleclick.net/clk;262219672;13503038;z?
http://info.appdynamics.com/FreeJavaPerformanceDownload.html
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Fabrice Durand
[email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
------------------------------------------------------------------------------
How fast is your code?
3 out of 4 devs don\\\'t know how their code performs in production.
Find out how slow your code is with AppDynamics Lite.
http://ad.doubleclick.net/clk;262219672;13503038;z?
http://info.appdynamics.com/FreeJavaPerformanceDownload.html
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
