Hello Fabrice,
Thank you for your help.
Effectivly, it was the wrong radiusd service. The correct one, works.
I configured my Cisco, and the radius on packetfence and when I try to test
with the radtest command, I have this result :
[root@packetfence raddb]# radtest admin adminadmin localhost:18120 12
testing123
Sent Access-Request Id 172 from 0.0.0.0:39530 to 127.0.0.1:18120 length 75
User-Name = "admin"
User-Password = "adminadmin"
NAS-IP-Address = 169.254.0.2
NAS-Port = 12
Message-Authenticator = 0x00
Cleartext-Password = "adminadmin"
Received Access-Reject Id 172 from 127.0.0.1:18120 to 0.0.0.0:0 length 20
(0) -: Expected Access-Accept got Access-Reject
I don't understand why I have an Access-Reject and not an Access-Accept
when I try my Radius in localhost connection.
Thank you in advance for your help.
Regards,
Xavier
2018-04-30 14:52 GMT+02:00 Fabrice Durand via PacketFence-users <
packetfence-users@lists.sourceforge.net>:
> Hello Xavier,
>
> you are dealing with the wrong radiusd service , the correct one is
> packetfence-radiusd-auth.
>
> Also what you can try is the following (in /usr/local/pf/)
>
> radiusd -d raddb/ -n auth -fxx -l stdout
>
> And paste me the result.
>
> Regards
>
> Fabrice
>
>
>
> Le 2018-04-26 à 05:00, Xav Tauran via PacketFence-users a écrit :
>
> Hello everyone !
> I'm deploying a NAC solution for a customer with PacketFence. I use
> freeradius (freeradius is automatically installed with PacketFence).
> However, I have a problem with FreeRadius. FreeRadius doesn't want to
> start on my virtual machine. (I use Centos 7).
> I have this issue when I want to start radiuds with the radius -X command :
>
> Debugger not attached
> Refusing to start with libssl version OpenSSL 1.0.1e-fips 11 Feb 2013
> 0x1000105f (1.0.1e release) (in range 1.0.1 release - 1.0.1t rele)
> Security advisory CVE-2016-6304 (OCSP status request extension)
> For more information see https://www.openssl.org/news/secadv/20160922.txt
> Once you have verified libssl has been correctly patched, set
> security.allow_vulnerable_openssl = 'CVE-2016-6304'
> Refusing to start with libssl version OpenSSL 1.0.1e-fips 11 Feb 2013
> 0x1000105f (1.0.1e release) (in range 1.0.1 dev - 1.0.1f release)
> Security advisory CVE-2014-0160 (Heartbleed)
> For more information see http://heartbleed.com
>
> When I check the status of radiusd with systemctl status radiusd, I have
> this result :
>
> root@localhost raddb]# systemctl status radiusd
> ● radiusd.service - FreeRADIUS multi-protocol policy server
> Loaded: loaded (/usr/lib/systemd/system/radiusd.service; disabled; vendor
> preset: disabled)
> Active: inactive (dead)
> Docs: man:radiusd(8)
> man:radiusd.conf(5)
> http://wiki.freeradius.org/
> http://networkradius.com/doc/
>
> Can you help me ?
>
> Thank you very much in advance !
>
> Kind regards,
>
> Xavier TAURAN
>
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>
>
>
> _______________________________________________
> PacketFence-users mailing
> listPacketFence-users@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
> --
> Fabrice durandfdur...@inverse.ca :: +1.514.447.4918 (x135) :: www.inverse.ca
> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
> (http://packetfence.org)
>
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
