I am trying to set up the RADIUS server using Active Directory and have reached
the radtest step. The LDAP connect, bind and search succeed, but
radtest fails. I keep getting this error message:
[root@pf-zen-esx ~]# radtest dd9999 Abcd1234 localhost:18120 12 testing123
radclient:: Failed to find IP address for pf-zen-esx
radclient: Nothing to send.
So far, I have:
1. Checked that the SQL password works by running the
command `mysql -u pf -p`, and checked the sql.conf file, which is included below.
[root@pf-zen-esx ~]# mysql -u pf -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
# rlm_sql module configuration. The %%...%% tokens are unexpanded template
# placeholders; presumably PacketFence substitutes them when it generates the
# live file — TODO confirm the generated copy holds the real values.
sql {
database = "mysql"
# Driver name is built from ${database}, so this resolves to rlm_sql_mysql.
driver = "rlm_sql_${database}"
server = "%%db_host%%"
port = %%db_port%%
login = "%%db_username%%"
# Database credential. Once substituted it sits here in clear text, so the
# generated file should be readable only by the account radiusd runs as.
password = "%%db_password%%"
radius_db = "%%db_database%%"
# Both accounting table settings point at the same table.
acct_table1 = "radacct"
acct_table2 = "radacct"
postauth_table = "radpostauth"
authcheck_table = "radcheck"
authreply_table = "radreply"
groupcheck_table = "radgroupcheck"
groupreply_table = "radgroupreply"
usergroup_table = "radusergroup"
deletestalesessions = yes
# SQL statement tracing is off; when enabled, statements are written to
# sqltracefile, which would then need the same protection as the other logs.
sqltrace = no
sqltracefile = ${logdir}/sqltrace.sql
# Number of database connections opened by the module.
num_sql_socks = 5
# Seconds to wait before retrying a failed database connection.
connect_failure_retry_delay = 60
# 0 = no lifetime limit and no per-connection query limit.
lifetime = 0
max_queries = 0
# RADIUS clients are loaded from nas_table in the database. Write access to
# that table therefore decides which NAS devices (and shared secrets) the
# server trusts.
readclients = yes
nas_table = "radius_nas"
# With database = "mysql" this resolves to sql/mysql/packetfence.conf.
$INCLUDE sql/${database}/packetfence.conf
}
2. Created symbolic links with `ln -s ../sites-available/packetfence` and
`ln -s ../sites-available/packetfence-tunnel`.
3. Based on another thread on this page, I checked my radiusd.conf file
to see whether `$INCLUDE sql.conf` was present. It was there. I have attached the
radiusd.conf file.
# Global radiusd settings: filesystem layout, RPC endpoint, run-as account and
# request limits. The %%...%% tokens are unexpanded template placeholders —
# TODO confirm this is the template and not the generated file the daemon reads.
prefix = /usr
exec_prefix = /usr
sysconfdir = /etc
localstatedir = %%install_dir%%/var
sbindir = /usr/sbin
logdir = %%install_dir%%/logs
raddbdir = %%install_dir%%/var/radiusd
radacctdir = %%install_dir%%/logs/radacct
name = radiusd
# confdir and db_dir both resolve to raddbdir.
confdir = ${raddbdir}
run_dir = ${localstatedir}/run
db_dir = ${raddbdir}
libdir = /usr/lib%%arch%%/freeradius
pidfile = ${run_dir}/${name}.pid
# RPC credentials and endpoint; how they are consumed is not visible here.
# NOTE(review): rpc_proto is plain http, so rpc_user/rpc_pass travel
# unencrypted. With rpc_server on 127.0.0.1 that stays on loopback; revisit
# if the endpoint is ever moved off-host.
rpc_user = %%rpc_user%%
rpc_pass = %%rpc_pass%%
rpc_port = 9090
rpc_server = 127.0.0.1
rpc_proto = http
# Account and group the daemon runs as; the files referenced above must be
# accessible to it and need not be readable by anyone else.
user = pf
group = pf
# Seconds allowed for handling one request.
max_request_time = 30
# Seconds a sent reply is kept before it is cleaned up.
cleanup_delay = 5
# Upper bound on the number of requests the server tracks at once.
max_requests = 20000
# Authentication listener, bound to the management address only.
listen {
type = auth
ipaddr = %%management_ip%%
# 0 = take the port from /etc/services instead of naming it here.
port = 0
# Requests arriving on this socket are handled by the packetfence virtual server.
virtual_server = packetfence
}
# Accounting listener, bound to the same management address.
listen {
ipaddr = %%management_ip%%
# 0 = take the port from /etc/services instead of naming it here.
port = 0
type = acct
# Accounting requests are handled by the packetfence virtual server as well.
virtual_server = packetfence
}
# Clients are logged by IP address; no DNS lookups are made for them.
hostname_lookups = no
# Core dumps stay disabled; a dump of the daemon's memory could contain
# secrets held in memory at the time.
allow_core_dumps = no
regular_expressions = yes
extended_expressions = yes
# Logging destination and what is recorded for authentication requests.
log {
destination = files
file = ${logdir}/radius.log
# Only relevant when destination is syslog; unused with "files".
syslog_facility = daemon
stripped_names = no
# Authentication requests are logged ...
auth = yes
# ... but the submitted password is never written, for failed or successful
# attempts. Keep both at "no" so radius.log does not accumulate credentials.
auth_badpass = no
auth_goodpass = no
}
# Program run for concurrent-session checks; resolves to /usr/sbin/checkrad
# when sbindir is /usr/sbin.
checkrad = ${sbindir}/checkrad
# Limits applied to incoming packets and a startup safety check.
security {
# Requests carrying more than this many attributes are dropped, which bounds
# the work an oversized packet can force on the server.
max_attributes = 200
# Seconds an Access-Reject is held back before it is sent; slows down
# password-guessing attempts.
reject_delay = 1
# The server answers Status-Server requests.
status_server = yes
# On CentOS, even if the OpenSSL library has been patched, FreeRADIUS
# refuses to start. Make sure you update OpenSSL.
# NOTE(review): "yes" turns off the startup check that refuses to run against
# an OpenSSL version known to be vulnerable. That is only safe while the
# distribution package really carries the backported fix; verify the installed
# package and set this back to "no" once the check passes on its own.
allow_vulnerable_openssl = yes
}
# Proxying is enabled; its settings come from proxy.conf.
proxy_requests = yes
$INCLUDE proxy.conf
# clients.conf defines the RADIUS clients allowed to talk to this server and
# their shared secrets; its contents are not shown here. It should be readable
# only by the account radiusd runs as.
$INCLUDE clients.conf
# Worker thread pool sizing.
thread pool {
# Threads created at startup.
start_servers = 5
# Hard ceiling on concurrent worker threads.
max_servers = 32
# The pool is kept between these two numbers of idle threads.
min_spare_servers = 3
max_spare_servers = 10
# 0 = a thread is never retired after a fixed number of requests.
max_requests_per_server = 0
}
# Module definitions: everything under ${confdir}/modules/, then the EAP and
# SQL module configurations.
modules {
$INCLUDE ${confdir}/modules/
$INCLUDE eap.conf
# sql.conf is included here, so the sql module is defined.
$INCLUDE sql.conf
}
# Modules listed here are loaded at startup in this order, before any module
# that is only referenced from a virtual server section.
instantiate {
exec
expr
expiration
logintime
raw
}
# Policy definitions, then every virtual server present in sites-enabled/.
# Only sites linked into that directory are loaded.
$INCLUDE policy.conf
$INCLUDE sites-enabled/
Is there anything else that can be done?
Thank you,
Carla