Radius Squid authentication REJECT
Hi All, I have successfully configure freeradius with mysql. i can radtest using command : sudo radtest alice password 192.168.2.3 1812 testing123 Sending Access-Request of id 187 to 192.168.2.3 port 1812 User-Name = alice User-Password = password NAS-IP-Address = 127.0.1.1 NAS-Port = 1812 Message-Authenticator = 0x rad_recv: Access-Accept packet from host 192.168.2.3 port 1812, id=187, length=20 Now i try squid using radius authentication. i followed step by step from : http://safesrv.net/setup-squid-and-freeradius-on-centos-5/#comment-1043 But i got error message log on cache.log Warning: Received invalid reply digest from server Warning: Received invalid reply digest from server Warning: Received invalid reply digest from server squid_rad_auth: No response from RADIUS server On radius -X debug there is error message like bellow : Sending duplicate reply to client localprivate port 42003 – ID: 2 Sending Access-Reject of id 2 to 192.168.2.3 port 42003 Waking up in 2.9 seconds. rad_recv: Access-Request packet from host 192.168.2.3 port 42003, id=2, length=63 Sending duplicate reply to client localprivate port 42003 – ID: 2 Sending Access-Reject of id 2 to 192.168.2.3 port 42003 Waking up in 0.9 seconds. Found Auth-Type = PAP # Executing group from file /usr/local/etc/raddb/sites-enabled/default +- entering group PAP {…} [pap] login attempt with password “b9?I? +�(�Ч�Y�?” [pap] Using clear text password “password” [pap] Passwords don’t match ++[pap] returns reject Failed to authenticate the user. WARNING: Unprintable characters in the password. Double-check the shared secret on the server and the NAS! Using Post-Auth-Type REJECT What is that error ? How i can solve this Thanks -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius Squid authentication REJECT
Hi Matthias, I don't use on my squid_rad_auth.conf.No space on my scret. This is my squid_rad_auth.conf server 192.168.2.3 secret testing123 On my radcheck, i also using Cleartext-Password on my racheck table Any another clue ? Thanks On Thu, Apr 11, 2013 at 3:59 PM, Matthias Nagel matthias.h.na...@gmail.comwrote: Hello, did you do what the warning says and double checked the shared secret? As far as I see the squid_rad_auth.conf does not use quotation marks () to delimit the shared secret. Hence, perhaps you have trailing white spaces or something like that at the end of the line. Delete the line secret in squid_rad_auth.conf and type it again. I really mean to delete it in order to get rid of unprintable characters you might not see. Matthias Am Donnerstag 11 April 2013, 15:47:33 schrieb Iftakhul Anwar: Hi All, I have successfully configure freeradius with mysql. i can radtest using command : sudo radtest alice password 192.168.2.3 1812 testing123 Sending Access-Request of id 187 to 192.168.2.3 port 1812 User-Name = alice User-Password = password NAS-IP-Address = 127.0.1.1 NAS-Port = 1812 Message-Authenticator = 0x rad_recv: Access-Accept packet from host 192.168.2.3 port 1812, id=187, length=20 Now i try squid using radius authentication. i followed step by step from : http://safesrv.net/setup-squid-and-freeradius-on-centos-5/#comment-1043 But i got error message log on cache.log Warning: Received invalid reply digest from server Warning: Received invalid reply digest from server Warning: Received invalid reply digest from server squid_rad_auth: No response from RADIUS server On radius -X debug there is error message like bellow : Sending duplicate reply to client localprivate port 42003 – ID: 2 Sending Access-Reject of id 2 to 192.168.2.3 port 42003 Waking up in 2.9 seconds. rad_recv: Access-Request packet from host 192.168.2.3 port 42003, id=2, length=63 Sending duplicate reply to client localprivate port 42003 – ID: 2 Sending Access-Reject of id 2 to 192.168.2.3 port 42003 Waking up in 0.9 seconds. Found Auth-Type = PAP # Executing group from file /usr/local/etc/raddb/sites-enabled/default +- entering group PAP {…} [pap] login attempt with password “b9?I? +�(�Ч�Y�?” [pap] Using clear text password “password” [pap] Passwords don’t match ++[pap] returns reject Failed to authenticate the user. WARNING: Unprintable characters in the password. Double-check the shared secret on the server and the NAS! Using Post-Auth-Type REJECT What is that error ? How i can solve this Thanks -- Matthias Nagel Willy-Andreas-Allee 1, Zimmer 506 76131 Karlsruhe Telefon: +49-721-8695-1506 Mobil: +49-151-15998774 e-Mail: matthias.h.na...@gmail.com ICQ: 499797758 Skype: nagmat84 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius Squid authentication REJECT
I just use enter after my shared secret. Any suggestions ? On Thu, Apr 11, 2013 at 4:17 PM, Matthias Nagel matthias.h.na...@gmail.comwrote: Hello, Am Donnerstag 11 April 2013, 16:07:08 schrieb Iftakhul Anwar: Hi Matthias, I don't use on my squid_rad_auth.conf I know, that is the reason why I asked you to check for non-printable characters AFTER your shared secret. No space on my scret. And what is between the last printable character of your secret and the new line? Matthias This is my squid_rad_auth.conf server 192.168.2.3 secret testing123 On my radcheck, i also using Cleartext-Password on my racheck table Any another clue ? Thanks On Thu, Apr 11, 2013 at 3:59 PM, Matthias Nagel matthias.h.na...@gmail.comwrote: Hello, did you do what the warning says and double checked the shared secret? As far as I see the squid_rad_auth.conf does not use quotation marks () to delimit the shared secret. Hence, perhaps you have trailing white spaces or something like that at the end of the line. Delete the line secret in squid_rad_auth.conf and type it again. I really mean to delete it in order to get rid of unprintable characters you might not see. Matthias Am Donnerstag 11 April 2013, 15:47:33 schrieb Iftakhul Anwar: Hi All, I have successfully configure freeradius with mysql. i can radtest using command : sudo radtest alice password 192.168.2.3 1812 testing123 Sending Access-Request of id 187 to 192.168.2.3 port 1812 User-Name = alice User-Password = password NAS-IP-Address = 127.0.1.1 NAS-Port = 1812 Message-Authenticator = 0x rad_recv: Access-Accept packet from host 192.168.2.3 port 1812, id=187, length=20 Now i try squid using radius authentication. i followed step by step from : http://safesrv.net/setup-squid-and-freeradius-on-centos-5/#comment-1043 But i got error message log on cache.log Warning: Received invalid reply digest from server Warning: Received invalid reply digest from server Warning: Received invalid reply digest from server squid_rad_auth: No response from RADIUS server On radius -X debug there is error message like bellow : Sending duplicate reply to client localprivate port 42003 – ID: 2 Sending Access-Reject of id 2 to 192.168.2.3 port 42003 Waking up in 2.9 seconds. rad_recv: Access-Request packet from host 192.168.2.3 port 42003, id=2, length=63 Sending duplicate reply to client localprivate port 42003 – ID: 2 Sending Access-Reject of id 2 to 192.168.2.3 port 42003 Waking up in 0.9 seconds. Found Auth-Type = PAP # Executing group from file /usr/local/etc/raddb/sites-enabled/default +- entering group PAP {…} [pap] login attempt with password “b9?I? +�(�Ч�Y�?” [pap] Using clear text password “password” [pap] Passwords don’t match ++[pap] returns reject Failed to authenticate the user. WARNING: Unprintable characters in the password. Double-check the shared secret on the server and the NAS! Using Post-Auth-Type REJECT What is that error ? How i can solve this Thanks -- Matthias Nagel Willy-Andreas-Allee 1, Zimmer 506 76131 Karlsruhe Telefon: +49-721-8695-1506 Mobil: +49-151-15998774 e-Mail: matthias.h.na...@gmail.com ICQ: 499797758 Skype: nagmat84 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Matthias Nagel Willy-Andreas-Allee 1, Zimmer 506 76131 Karlsruhe Telefon: +49-721-8695-1506 Mobil: +49-151-15998774 e-Mail: matthias.h.na...@gmail.com ICQ: 499797758 Skype: nagmat84 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius Squid authentication REJECT
Hi Adam, I'm sorry my previous attachment too large, This attachment log of radiusd -X output when i try to login using user = alice with passwrod=password Thanks On Thu, Apr 11, 2013 at 8:02 PM, Iftakhul Anwar an...@meruvian.org wrote: Hi Adam, This attachment log of radiusd -X output when i try to login using user = alice with passwrod=password On Thu, Apr 11, 2013 at 4:55 PM, Adam Bishop adam.bis...@ja.net wrote: On 11 Apr 2013, at 10:35, Iftakhul Anwar an...@meruvian.org wrote: I just use enter after my shared secret. Any suggestions ? There are three possibilities * The shared secret is wrong in the squid radius file * The shared secret is wrong in the freeradius clients file * Squid is broken (I think this unlikely) As you've not posted a full debug log, all we can do is guess. My guess is that radtest is using the secret defined in clients.conf:client 127.0.0.1/8 and squid is using the secret defined in clients.conf:client 192.168.2.3 Post a full log, and we can probably do more than guess. Adam Bishop gpg: 0x6609D460 Janet, the UK's research and education network. Janet(UK) is a trading name of Jisc Collections and Janet Limited, a not-for-profit company which is registered in England under No. 2881024 and whose Registered Office is at Lumen House, Library Avenue, Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. 614944238 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org rlm_sql (sql): Attempting to connect rlm_sql_mysql #2 rlm_sql_mysql: Starting connect to MySQL server for #2 rlm_sql (sql): Connected new DB handle, #2 rlm_sql (sql): starting 3 rlm_sql (sql): Attempting to connect rlm_sql_mysql #3 rlm_sql_mysql: Starting connect to MySQL server for #3 rlm_sql (sql): Connected new DB handle, #3 rlm_sql (sql): starting 4 rlm_sql (sql): Attempting to connect rlm_sql_mysql #4 rlm_sql_mysql: Starting connect to MySQL server for #4 rlm_sql (sql): Connected new DB handle, #4 Module: Checking preacct {...} for more modules to load Module: Linked to module rlm_acct_unique Module: Instantiating module acct_unique from file /usr/local/etc/raddb/modules/acct_unique acct_unique { key = User-Name, Acct-Session-Id, NAS-IP-Address, NAS-Identifier, NAS-Port } Module: Checking accounting {...} for more modules to load Module: Linked to module rlm_detail Module: Instantiating module detail from file /usr/local/etc/raddb/modules/detail detail { detailfile = /usr/local/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d header = %t detailperm = 384 dirperm = 493 locking = no log_packet_header = no } Module: Linked to module rlm_attr_filter Module: Instantiating module attr_filter.accounting_response from file /usr/local/etc/raddb/modules/attr_filter attr_filter attr_filter.accounting_response { attrsfile = /usr/local/etc/raddb/attrs.accounting_response key = %{User-Name} relaxed = no } reading pairlist file /usr/local/etc/raddb/attrs.accounting_response Module: Checking session {...} for more modules to load Module: Linked to module rlm_radutmp Module: Instantiating module radutmp from file /usr/local/etc/raddb/modules/radutmp radutmp { filename = /usr/local/var/log/radius/radutmp username = %{User-Name} case_sensitive = yes check_with_nas = yes perm = 384 callerid = yes } Module: Checking post-proxy {...} for more modules to load Module: Checking post-auth {...} for more modules to load Module: Instantiating module attr_filter.access_reject from file /usr/local/etc/raddb/modules/attr_filter attr_filter attr_filter.access_reject { attrsfile = /usr/local/etc/raddb/attrs.access_reject key = %{User-Name} relaxed = no } reading pairlist file /usr/local/etc/raddb/attrs.access_reject } # modules } # server server inner-tunnel { # from file /usr/local/etc/raddb/sites-enabled/inner-tunnel modules { Module: Checking authenticate {...} for more modules to load Module: Checking authorize {...} for more modules to load Module: Checking session {...} for more modules to load Module: Checking post-proxy {...} for more modules to load Module: Checking post-auth
Re: Radius Squid authentication REJECT
I'm sorry i really newbie. Actually my shared password is default using testing123.This is my configuration on my squid_rad_auth.conf squid_rad_auth.conf - server 192.168.2.3 secret testing123 and this is my configuration on squid.conf # TAG: auth_param #auth_param basic program /etc/squid3/squid_radius_auth -f /etc/squid3/squid_rad_auth.conf auth_param basic program /etc/squid3/squid_radius_auth -f /usr/local/squid/etc/squid_radius_auth.conf auth_param basic children 5 auth_param basic realm web-proxy auth_param basic credentialsttl 5 minutes auth_param basic casesensitive off acl radius-auth proxy_auth REQUIRED # TAG: http_access http_access allow radius-auth http_access allow localhost any something wrong ? i suspicious in log: [pap] login attempt with password “b9?I? +�(�Ч�Y�?” [pap] Using clear text password “password” [pap] Passwords don’t match Is it because of different authentification method between squid and radius ? On Thu, Apr 11, 2013 at 10:35 PM, a.l.m.bu...@lboro.ac.uk wrote: Hi, look: WARNING: Unprintable characters in the password. Double-check the shared secret on the server and the NAS! there. incorrect shared secret...as already said several times in this thread...OR the squid code is broken. if this is working fine, then because its PAP you will see the password in User-Password clear as day. you dont, its all corrupted, because incorrect shared secret. put eg radtest onto the squid box and check that you can fire off a dumb RADIUS query to your FR box from the squid box alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius Squid authentication REJECT
Hi, I'm sorry, This is response log from radiusd -X when i try long using usr:alice password: password Cleaning up request 3 ID 4 with timestamp +116 Ready to process requests. rad_recv: Access-Request packet from host 192.168.2.3 port 55467, id=4, length=63 User-Name = alice User-Password = \335\307-\245#ˎ!7\036f\023\217\3630\257 NAS-Port = 111 NAS-Port-Type = Async NAS-IP-Address = 192.168.2.3 # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop ++[digest] returns noop [suffix] No '@' in User-Name = alice, looking up realm NULL [suffix] No such realm NULL ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[files] returns noop [sql] expand: %{User-Name} - alice [sql] sql_set_user escaped user -- 'alice' rlm_sql (sql): Reserving sql socket id: 0 [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id - SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'alice' ORDER BY id [sql] User found in radcheck table [sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id - SELECT id, username, attribute, value, op FROM radreply WHERE username = 'alice' ORDER BY id [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority - SELECT groupname FROM radusergroup WHERE username = 'alice' ORDER BY priority rlm_sql (sql): Released sql socket id: 0 ++[sql] returns ok ++[expiration] returns noop ++[logintime] returns noop ++[pap] returns updated Found Auth-Type = PAP # Executing group from file /usr/local/etc/raddb/sites-enabled/default +- entering group PAP {...} [pap] login attempt with password \DD\C7-\A5#\CB?!7?f??\F30\AF [pap] Using clear text password password [pap] Passwords don't match ++[pap] returns reject Failed to authenticate the user. WARNING: Unprintable characters in the password. Double-check the shared secret on the server and the NAS! Using Post-Auth-Type REJECT # Executing group from file /usr/local/etc/raddb/sites-enabled/default +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} - alice attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 4 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 4 Sending Access-Reject of id 4 to 192.168.2.3 port 55467 Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 192.168.2.3 port 55467, id=4, length=63 Sending duplicate reply to client localprivate port 55467 - ID: 4 Sending Access-Reject of id 4 to 192.168.2.3 port 55467 Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 192.168.2.3 port 55467, id=4, length=63 Sending duplicate reply to client localprivate port 55467 - ID: 4 Sending Access-Reject of id 4 to 192.168.2.3 port 55467 Waking up in 3.9 seconds. rad_recv: Access-Request packet from host 192.168.2.3 port 55467, id=4, length=63 Sending duplicate reply to client localprivate port 55467 - ID: 4 Sending Access-Reject of id 4 to 192.168.2.3 port 55467 Waking up in 2.9 seconds. rad_recv: Access-Request packet from host 192.168.2.3 port 55467, id=4, length=63 Sending duplicate reply to client localprivate port 55467 - ID: 4 Sending Access-Reject of id 4 to 192.168.2.3 port 55467 Waking up in 1.9 seconds. rad_recv: Access-Request packet from host 192.168.2.3 port 55467, id=4, length=63 Sending duplicate reply to client localprivate port 55467 - ID: 4 Sending Access-Reject of id 4 to 192.168.2.3 port 55467 Waking up in 0.9 seconds. Cleaning up request 4 ID 4 with timestamp +122 Ready to process requests. On Thu, Apr 11, 2013 at 11:22 PM, a.l.m.bu...@lboro.ac.uk wrote: Hi, Hi, previously i've attached my log as attachment :) no, you havent :-( all you have attached is the stuff that you felt you wanted to send. without sending the FULL output of radiusd -X FROM THE START we cannot see where you have gone wrong. HOW can we help if you dont give us the information we request? alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius Squid authentication REJECT
Hi All Thanks i've successfull configure squid using radius authentification. Actually i need install squid from source with parameter bellow when compile that source ( http://wiki.squid-cache.org/ConfigExamples/Authenticate/Radius) *--enable-basic-auth-helpers=squid_radius_auth* Previously i used squid3 from apt-get . Thanks :) * * * * * * On Fri, Apr 12, 2013 at 12:36 AM, Alan DeKok al...@deployingradius.comwrote: Iftakhul Anwar wrote: This is response log from radiusd -X when i try long using usr:alice password: password No, it's not. You need to follow instructions. If you ask questions and ignore the answers, that's rude. Either follow instructions, or stop posting the same questions. If you don't follow instructions, you will be unsubscribed and banned from the list. Following instructions shouldn't be hard. Do it, or else. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Failed to disconnect online user with custom table
Hi All, I've develop application which use freeradius and use coova as captive portal.I use jradius to communicate with freeradius. Now, new user will be store in my custom table (not in radcheck as default freeradius). Now i try to disconnect user online (use:admin) with command bellow : *sudo echo User-Name=admin | radclient -x localhost:3779 disconnect testing123* but i get no response like bellow : Sending Disconnect-Request of id 251 to 127.0.0.1 port 3779 User-Name = admin Sending Disconnect-Request of id 251 to 127.0.0.1 port 3779 User-Name = admin Sending Disconnect-Request of id 251 to 127.0.0.1 port 3779 User-Name = admin radclient: no response from server for ID 251 socket 3 I try to check 3779 port with netstat, but system not listen that port. Any suggestion how to solve this problem ? Thanks -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Cannot disconnect radius user using radclient
Hi All, I've successfully install coovachili anda freeradius using mysql database. Now I've just try to disconnect coovachilli user online with radclient command: I try with command bellow to disconect user=alice * echo User-Name=alice | radclient -x localhost:3779 disconnect testing123 * *Sending Disconnect-Request of id 126 to 127.0.0.1 port 3779* * User-Name = alice* *rad_recv: Disconnect-ACK packet from host 127.0.0.1 port 3779, id=126, length=20* And then, user alice be disconnect from coova. Then i try to give disconnect command using remote acces using command bellow : *echo User-Name=alice | radclient -x 192.168.2.3:3779 disconnect testing123* *Sending Disconnect-Request of id 78 to 192.168.2.3 port 3779* * User-Name = alice* *radclient: no response from server for ID 78 socket 3* * * Note: 192.168.2.3 is ip of radius server But no response from radius server. I've add on client.conf ip address which i use to radius client.But still have same problem. I try that command on my local machine using comand : *echo User-Name=alice | radclient -x 192.168.2.3:3779 disconnect testing123* * * Radius still no response. How i can execute this command both of on local and on remote machine ? Thanks -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Cannot disconnect radius user using radclient
I've run server on debug mode. But when i try to execute : echo User-Name=alice | radclient -x 192.168.2.3:3779 disconnect testing123 [output bellow] *$ echo User-Name=alice | radclient -x 192.168.2.3:3779 disconnect testing123* *Sending Disconnect-Request of id 185 to 192.168.2.3 port 3779* * User-Name = alice* *Sending Disconnect-Request of id 185 to 192.168.2.3 port 3779* * User-Name = alice* *Sending Disconnect-Request of id 185 to 192.168.2.3 port 3779* * User-Name = alice* *radclient: no response from server for ID 185 socket 3* * * On server radius debug mode there are no output, But when i try to execute *$ echo User-Name=alice | radclient -x localhost:3779 disconnect testing123* *Sending Disconnect-Request of id 40 to 127.0.0.1 port 3779* * User-Name = alice* *rad_recv: Disconnect-ACK packet from host 127.0.0.1 port 3779, id=40, length=20* i got log bellow on radius debug mode: *Cleaning up request 145 ID 213 with timestamp +22592* *Ready to process requests.* *rad_recv: Accounting-Request packet from host 127.0.0.1 port 3779, id=70, length=264* * ChilliSpot-Version = 1.3.0* * ChilliSpot-Attr-10 = 0x0002* * Event-Timestamp = Mar 10 2013 21:24:48 WIT* * User-Name = alice* * Acct-Input-Octets = 18078* * Acct-Output-Octets = 2132* * Acct-Input-Gigawords = 0* * Acct-Output-Gigawords = 0* * Acct-Input-Packets = 16* * Acct-Output-Packets = 18* * Acct-Session-Time = 16* * Acct-Terminate-Cause = Admin-Reset* * Acct-Status-Type = Stop* * Acct-Session-Id = 513c977b0001* * Framed-IP-Address = 10.1.0.3* * NAS-Port-Type = Wireless-802.11* * NAS-Port = 1* * NAS-Port-Id = 0001* * Calling-Station-Id = 00-19-DB-3B-84-15* * Called-Station-Id = F4-EC-38-80-74-3A* * NAS-IP-Address = 10.1.0.1* * NAS-Identifier = nas01* * WISPr-Location-ID = isocc=,cc=,ac=,network=Coova,* * WISPr-Location-Name = My_HotSpot* *# Executing section preacct from file /usr/local/etc/raddb/sites-enabled/default* *+- entering group preacct {...}* *++[preprocess] returns ok* * * *++[jradius] returns noop* *[acct_unique] Hashing 'NAS-Port = 1,NAS-Identifier = nas01,NAS-IP-Address = 10.1.0.1,Acct-Session-Id = 513c977b0001,User-Name = alice'* *[acct_unique] Acct-Unique-Session-ID = 111cacfa42a2853f.* *++[acct_unique] returns ok* *[suffix] No '@' in User-Name = alice, looking up realm NULL* *[suffix] No such realm NULL* *++[suffix] returns noop* *++[files] returns noop* *# Executing section accounting from file /usr/local/etc/raddb/sites-enabled/default* *+- entering group accounting {...}* *[detail] expand: %{Packet-Src-IP-Address} - 127.0.0.1* *[detail] expand: /usr/local/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d - /usr/local/var/log/radius/radacct/127.0.0.1/detail-20130310* *[detail] /usr/local/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/127.0.0.1/detail-20130310* *[detail] expand: %t - Sun Mar 10 21:24:48 2013* *++[detail] returns ok* * * *++[jradius] returns noop* *[sql] expand: %{User-Name} - alice* *[sql] sql_set_user escaped user -- 'alice'* *[sql] expand: %{Acct-Input-Gigawords} - 0* *[sql] expand: %{Acct-Input-Octets} - 18078* *[sql] expand: %{Acct-Output-Gigawords} - 0* *[sql] expand: %{Acct-Output-Octets} - 2132* *[sql] expand: %{Acct-Delay-Time} - * *[sql] ... expanding second conditional* *[sql] expand:UPDATE radacct SET acctstoptime = '%S', acctsessiontime= '%{Acct-Session-Time}', acctinputoctets= '%{%{Acct-Input-Gigawords}:-0}' 32 | '%{%{Acct-Input-Octets}:-0}', acctoutputoctets = '%{%{Acct-Output-Gigawords}:-0}' 32 | '%{%{Acct-Output-Octets}:-0}', acctterminatecause = '%{Acct-Terminate-Cause}', acctstopdelay = '%{%{Acct-Delay-Time}:-0}', connectinfo_stop = '%{Connect-Info}' WHERE acctsessionid = '%{Acct-Session-Id}' AND username = '%{SQL-User-Name}' AND nasipaddress = '%{NAS-IP-Address}' -UPDATE radacct SET acctstoptime = '2013-03-10 21:24:48', acctsessiontime= '16', acctinputoctets= '0' 32 | '18078', acctoutputoctets = '0' 32 | * *rlm_sql (sql): Reserving sql socket id: 2* *rlm_sql (sql): Released sql socket id: 2* *++[sql] returns ok* *++[exec] returns noop* *[attr_filter.accounting_response] expand: %{User-Name} - alice* *attr_filter: Matched entry DEFAULT at line 12* *++[attr_filter.accounting_response] returns updated* *Sending Accounting-Response of id 70 to 127.0.0.1 port 3779* *Finished request 147.* *Cleaning up request 147 ID 70 with timestamp +22608* *Going to the next request* *Ready to process requests.* Any suggestions ? On Sun, Mar 10, 2013 at 8:59 PM, Alan DeKok al...@deployingradius.comwrote: Iftakhul Anwar wrote: /echo User-Name=alice | radclient -x 192.168.2.3
Re: Cannot disconnect radius user using radclient
On site-avalaible/coa i've get this : listen { type = coa ipaddr = * port = 3799 server = coa } I think it have been listener 3799. I've try to dsable my firewall too, but still same problem On Sun, Mar 10, 2013 at 9:57 PM, Alan DeKok al...@deployingradius.comwrote: Iftakhul Anwar wrote: I've run server on debug mode. You didn't post it. As suggested in the FAQ, man page, web pages, and daily on this list. But when i try to execute : echo User-Name=alice | radclient -x 192.168.2.3:3779 disconnect testing123 You already said that. On server radius debug mode there are no output, So... you didn't configure the server to listen on port 3779. See raddb/sites-available/coa This is documented. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Cannot disconnect radius user using radclient
i've enable with link coa on site-avalaible to site-enable, when i try to run on debug mode also appear that port 3779 is listen: Sending Accounting-Response of id 1 to 127.0.0.1 port 3779 Finished request 2. Cleaning up request 2 ID 1 with timestamp +182 Going to the next request Waking up in 4.8 seconds. Cleaning up request 1 ID 6 with timestamp +181 Ready to process requests But when i try to execute command to disconnect , still not response: echo User-Name=alice | radclient -x 192.168.2.3:3779 disconnect testing123 Sending Disconnect-Request of id 78 to 192.168.2.3 port 3779 User-Name = alice Sending Disconnect-Request of id 78 to 192.168.2.3 port 3779 User-Name = alice Sending Disconnect-Request of id 78 to 192.168.2.3 port 3779 User-Name = alice radclient: no response from server for ID 78 socket 3 Actually i execute it inside radius server machie (ip 192.168.2.3) are there missing configuration ? On Sun, Mar 10, 2013 at 10:10 PM, Alan DeKok al...@deployingradius.comwrote: Iftakhul Anwar wrote: On site-avalaible/coa i've get this : You're supposed to READ IT. And ENABLE IT. You do know how to enable it, right? You know the difference between raddb/sites-enabled and raddb/sites-available? And the point of running the server in debugging mode is to READ IT. If it doesn't say listening on 3799, then you CAN'T SEND IT PACKETS to port 3799. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Cannot access radius server from remote host
Hi All, I just try connect radius server remotely. i've try to radtest with command : radtest user1 meruvian localhost 1812 testing123 Sending Access-Request of id 133 to 127.0.0.1 port 1812 User-Name = user1 User-Password = meruvian NAS-IP-Address = 127.0.0.1 NAS-Port = 1812 Message-Authenticator = 0x rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=133, length=20 ## i get accept response from radius server. But when i try with command bellow i got error message like a no respon from radius server: radtest user1 meruvian 192.168.2.3 1812 testing123 Sending Access-Request of id 12 to 192.168.2.3 port 1812 User-Name = user1 User-Password = meruvian NAS-IP-Address = 127.0.0.1 NAS-Port = 1812 Message-Authenticator = 0x Sending Access-Request of id 12 to 192.168.2.3 port 1812 User-Name = user1 User-Password = meruvian NAS-IP-Address = 127.0.0.1 NAS-Port = 1812 Message-Authenticator = 0x Sending Access-Request of id 12 to 192.168.2.3 port 1812 User-Name = user1 User-Password = meruvian NAS-IP-Address = 127.0.0.1 NAS-Port = 1812 Message-Authenticator = 0x radclient: no response from server for ID 12 socket 3 Note:192.168.2.3 is ip of radius server. How i can try to connect radius server from another host ? i've try to disable my firewall. but still get no respon from server. Help me to solve this. Thanks -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Cannot access radius server from remote host
Hi Muhammad, Thanks for your reply,it's solve my problem :) Thanks very much On Sat, Mar 9, 2013 at 5:43 PM, Muhammad Nadeem mnadeem8...@gmail.comwrote: For this you have to define the IP address and shared secret on the Radius server in client.config following is an entry that define that you can send request from an computer having 192.168.0.102 IP address. client 192.168.0.102 { ipaddr = 192.168.0.102 secret = testing123 } Please read client.config for further details On Sat, Mar 9, 2013 at 3:35 PM, Iftakhul Anwar an...@meruvian.org wrote: Hi All, I just try connect radius server remotely. i've try to radtest with command : radtest user1 meruvian localhost 1812 testing123 Sending Access-Request of id 133 to 127.0.0.1 port 1812 User-Name = user1 User-Password = meruvian NAS-IP-Address = 127.0.0.1 NAS-Port = 1812 Message-Authenticator = 0x rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=133, length=20 ## i get accept response from radius server. But when i try with command bellow i got error message like a no respon from radius server: radtest user1 meruvian 192.168.2.3 1812 testing123 Sending Access-Request of id 12 to 192.168.2.3 port 1812 User-Name = user1 User-Password = meruvian NAS-IP-Address = 127.0.0.1 NAS-Port = 1812 Message-Authenticator = 0x Sending Access-Request of id 12 to 192.168.2.3 port 1812 User-Name = user1 User-Password = meruvian NAS-IP-Address = 127.0.0.1 NAS-Port = 1812 Message-Authenticator = 0x Sending Access-Request of id 12 to 192.168.2.3 port 1812 User-Name = user1 User-Password = meruvian NAS-IP-Address = 127.0.0.1 NAS-Port = 1812 Message-Authenticator = 0x radclient: no response from server for ID 12 socket 3 Note:192.168.2.3 is ip of radius server. How i can try to connect radius server from another host ? i've try to disable my firewall. but still get no respon from server. Help me to solve this. Thanks -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Best Regards Muhammad Nadeem Muhammad Ali Jinnah University - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius with either LDAP or Mysql Error lib not found
I've installed mysql-server on my system even before i installed freeradius server. Any another tips to solve this ? On Fri, Mar 8, 2013 at 2:59 PM, Muhammad Nadeem mnadeem8...@gmail.comwrote: Fri Mar 8 13:44:46 2013 : Error: Could not link driver rlm_sql_mysql: rlm_sql_mysql.so: cannot open shared object file: No such file or directory It seems that your mysql drivers have not been installed successfully, thanks to freeradius, it has the option to install mysql server along free radius . (use this command sudo apt-get install mysql-server (somthing like that if not work,, google it). Hopefully problem will be solve On Fri, Mar 8, 2013 at 12:51 PM, Iftakhul Anwar an...@meruvian.orgwrote: Hi All I just try to config freeradius using either Mysql or LDAP. But i get same error like bellow : [errror Mysq] Fri Mar 8 13:44:46 2013 : Error: Could not link driver rlm_sql_mysql: rlm_sql_mysql.so: cannot open shared object file: No such file or directory Fri Mar 8 13:44:46 2013 : Error: Make sure it (and all its dependent libraries!) are in the search path of your system's ld. Fri Mar 8 13:44:46 2013 : Error: /usr/local/etc/raddb/sql.conf[22]: Instantiation failed for module sql Fri Mar 8 13:44:46 2013 : Error: /usr/local/etc/raddb/sites-enabled/default[177]: Failed to find sql in the modules section. Fri Mar 8 13:44:46 2013 : Error: /usr/local/etc/raddb/sites-enabled/default[69]: Errors parsing authorize section. i've read in some article that it's solved by installed mysql-devel package. In this case i've installed libmysqlclient-dev on my ubuntu 12.04 But still get same error. It's also happen on my freeradius ldap? [error LDAP] /usr/local/etc/raddb/modules/ldap[29]: Failed to link to module 'rlm_ldap': rlm_ldap.so: cannot open shared object file: No such file or directory /usr/local/etc/raddb/sites-enabled/default[305]: Failed to find ldap in the modules section. /usr/local/etc/raddb/sites-enabled/default[305]: Failed to parse ldap How i can solve this issue ? Thanks -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Best Regards Muhammad Nadeem Muhammad Ali Jinnah University - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius with either LDAP or Mysql Error lib not found
HI All, I just recompile my freeadius with specific directory library.I use command : ./configure --with-mysql-lib-dir=/usr/lib/mysql --with-ldap-lib-dir=/usr/lib/ldap Now ldap and mysql running well :D Thanks all On Fri, Mar 8, 2013 at 3:41 PM, Alan Buxey a.l.m.bu...@lboro.ac.uk wrote: As Fajar says, some distros split up the functions into separate packages (so you don't need to install loads of things just to have a basic server) use your package manager to find/install the sub packages alan -- This smartphone uses free WiFi around the world with eduroam, now that's what I call smart. -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Failed to load module jradius freeradius server
Hi Alan, Any guide how to test jradius on my freeradius configuration.I just want to ensure that my jradius configuration running well and next developer can using it. Thanks On Fri, Mar 8, 2013 at 3:39 PM, Alan Buxey a.l.m.bu...@lboro.ac.uk wrote: This is the freeradius list, not the jradius list. If you want help and advice then use the appropriate list Many thanks alan -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Failed to load module jradius freeradius server
Actually i install freeradius from apt-get , But i try configure jradius On Thu, Mar 7, 2013 at 6:27 PM, Olivier Beytrison oliv...@heliosnet.orgwrote: On 07.03.2013 07:57, Iftakhul Anwar wrote: HI All, I just installed free radius server using apt-get on my ubuntu machine. Now i want to configure jradius on my freeradius server. I follow step by step from http://coova.org/JRadius/**FreeRADIUShttp://coova.org/JRadius/FreeRADIUS . Are you sure ? By default rlm_jradius is not compiled because it is considered experimental. So you have either to add --with-experimental-modules=**yes or as explained on the link above to add rlm_jradius to src/modules/stable Now if the module failed to compile (check the compilation process) then it won't be installed in your system. You should have a rlm_jradius.so file where your freeradius libraries are installed. Olivier -- Olivier Beytrison Network Security Engineer, HES-SO Fribourg Mail: oliv...@heliosnet.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/** list/users.html http://www.freeradius.org/list/users.html -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Failed to load module jradius freeradius server
Actually i install freeradius from apt-get , But i try configure jradius following tutorial from http://coova.org/JRadius/FreeRADIUS How i can add this module to radius server if i using apt-get ? On Thu, Mar 7, 2013 at 10:55 PM, Iftakhul Anwar an...@meruvian.org wrote: Actually i install freeradius from apt-get , But i try configure jradius On Thu, Mar 7, 2013 at 6:27 PM, Olivier Beytrison oliv...@heliosnet.orgwrote: On 07.03.2013 07:57, Iftakhul Anwar wrote: HI All, I just installed free radius server using apt-get on my ubuntu machine. Now i want to configure jradius on my freeradius server. I follow step by step from http://coova.org/JRadius/**FreeRADIUShttp://coova.org/JRadius/FreeRADIUS . Are you sure ? By default rlm_jradius is not compiled because it is considered experimental. So you have either to add --with-experimental-modules=**yes or as explained on the link above to add rlm_jradius to src/modules/stable Now if the module failed to compile (check the compilation process) then it won't be installed in your system. You should have a rlm_jradius.so file where your freeradius libraries are installed. Olivier -- Olivier Beytrison Network Security Engineer, HES-SO Fribourg Mail: oliv...@heliosnet.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/** list/users.html http://www.freeradius.org/list/users.html -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Failed to load module jradius freeradius server
I try to configure with command : ./configure --with-experimental-modules=yes but i got error like bellow : if [ xrlm_cram != x ]; then \ /home/iam/Downloads/freeradius-server-2.2.0/libtool --mode=install /home/iam/Downloads/freeradius-server-2.2.0/install-sh -c -c \ rlm_cram.la /usr/local/lib/rlm_cram.la || exit $?; \ rm -f /usr/local/lib/rlm_cram-2.2.0.la; \ ln -s rlm_cram.la /usr/local/lib/rlm_cram-2.2.0.la || exit $?; \ fi libtool: install: `rlm_cram.la' is not a valid libtool archive Try `libtool --help --mode=install' for more information. make[6]: *** [install] Error 1 make[6]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0/src/modules/rlm_cram' make[5]: *** [rlm_cram] Error 2 make[5]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0/src/modules' make[4]: *** [install] Error 2 make[4]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0/src/modules' make[3]: *** [modules] Error 2 make[3]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0/src' make[2]: *** [install] Error 2 make[2]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0/src' make[1]: *** [src] Error 2 make[1]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0' How about copy rlm_jradius to src/modules/stable manually ? Where i can download rlm_jradius for freerdaius ? Thanks On Thu, Mar 7, 2013 at 11:06 PM, Olivier Beytrison oliv...@heliosnet.orgwrote: On 07.03.2013 16:56, Iftakhul Anwar wrote: Actually i install freeradius from apt-get , But i try configure jradius following tutorial from http://coova.org/JRadius/FreeRADIUS How i can add this module to radius server if i using apt-get ? You can't. You have to compile it. experimental modules are usually not available in binary distribution. Either compile it by hand and install it, or build your own debian packages. follow http://wiki.freeradius.org/building/Build and remember to add either --with-experimental-modules=yes or add rlm_jradius to src/modules/stable Olivier -- Olivier Beytrison Network Security Engineer, HES-SO Fribourg Mail: oliv...@heliosnet.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Failed to load module jradius freeradius server
i've found rlm_jradius on src/modules. But after i ./configure and make and make install i can't found jradius modules on my radiusd installation. Then I try to configure with command : ./configure --with-experimental-modules=yes but i got error like bellow : if [ xrlm_cram != x ]; then \ /home/iam/Downloads/freeradius-server-2.2.0/libtool --mode=install /home/iam/Downloads/freeradius-server-2.2.0/install-sh -c -c \ rlm_cram.la /usr/local/lib/rlm_cram.la || exit $?; \ rm -f /usr/local/lib/rlm_cram-2.2.0.la; \ ln -s rlm_cram.la /usr/local/lib/rlm_cram-2.2.0.la || exit $?; \ fi libtool: install: `rlm_cram.la' is not a valid libtool archive Try `libtool --help --mode=install' for more information. make[6]: *** [install] Error 1 make[6]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0/src/modules/rlm_cram' make[5]: *** [rlm_cram] Error 2 make[5]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0/src/modules' make[4]: *** [install] Error 2 make[4]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0/src/modules' make[3]: *** [modules] Error 2 make[3]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0/src' make[2]: *** [install] Error 2 make[2]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0/src' make[1]: *** [src] Error 2 make[1]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0' i'm running on ubuntu 12.04 is there bug of freeradius 2.2.0 for this ubuntu version On Fri, Mar 8, 2013 at 7:17 AM, Fajar A. Nugraha l...@fajar.net wrote: On Fri, Mar 8, 2013 at 3:02 AM, Arran Cudbard-Bell a.cudba...@freeradius.org wrote: On 7 Mar 2013, at 10:55, Iftakhul Anwar an...@meruvian.org wrote: Actually i install freeradius from apt-get , Right, so jradius won't have been built. Actually, it should be available. That is, if you use Ubuntu Quantal, or Debian Testing. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599067 http://changelogs.ubuntu.com/changelogs/pool/main/f/freeradius/freeradius_2.1.12+dfsg-1.1/changelog If you use older version of the distro (e.g. Ubuntu precise) then you either need to rebuild the source package, or learn how to install packages from other distro/versions. Both are outside the scope of this list, but should be easy to do with the help of Google search. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Failed to load module jradius freeradius server
num_answers_to_alive = 3 num_pings_to_alive = 3 revive_interval = 120 status_check_timeout = 4 } home_server_pool my_auth_failover { type = fail-over home_server = localhost } realm example.com { auth_pool = my_auth_failover } realm LOCAL { } Segmentation fault (core dumped) I'm running on ubuntu 12.04 machine. Any suggestion what should i do in order to jradius running on my radius server ? On Fri, Mar 8, 2013 at 7:21 AM, Iftakhul Anwar an...@meruvian.org wrote: i've found rlm_jradius on src/modules. But after i ./configure and make and make install i can't found jradius modules on my radiusd installation. Then I try to configure with command : ./configure --with-experimental-modules=yes but i got error like bellow : if [ xrlm_cram != x ]; then \ /home/iam/Downloads/freeradius-server-2.2.0/libtool --mode=install /home/iam/Downloads/freeradius-server-2.2.0/install-sh -c -c \ rlm_cram.la /usr/local/lib/rlm_cram.la || exit $?; \ rm -f /usr/local/lib/rlm_cram-2.2.0.la; \ ln -s rlm_cram.la /usr/local/lib/rlm_cram-2.2.0.la || exit $?; \ fi libtool: install: `rlm_cram.la' is not a valid libtool archive Try `libtool --help --mode=install' for more information. make[6]: *** [install] Error 1 make[6]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0/src/modules/rlm_cram' make[5]: *** [rlm_cram] Error 2 make[5]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0/src/modules' make[4]: *** [install] Error 2 make[4]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0/src/modules' make[3]: *** [modules] Error 2 make[3]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0/src' make[2]: *** [install] Error 2 make[2]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0/src' make[1]: *** [src] Error 2 make[1]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0' i'm running on ubuntu 12.04 is there bug of freeradius 2.2.0 for this ubuntu version On Fri, Mar 8, 2013 at 7:17 AM, Fajar A. Nugraha l...@fajar.net wrote: On Fri, Mar 8, 2013 at 3:02 AM, Arran Cudbard-Bell a.cudba...@freeradius.org wrote: On 7 Mar 2013, at 10:55, Iftakhul Anwar an...@meruvian.org wrote: Actually i install freeradius from apt-get , Right, so jradius won't have been built. Actually, it should be available. That is, if you use Ubuntu Quantal, or Debian Testing. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599067 http://changelogs.ubuntu.com/changelogs/pool/main/f/freeradius/freeradius_2.1.12+dfsg-1.1/changelog If you use older version of the distro (e.g. Ubuntu precise) then you either need to rebuild the source package, or learn how to install packages from other distro/versions. Both are outside the scope of this list, but should be easy to do with the help of Google search. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Failed to load module jradius freeradius server
Hi Fajar, What do you mean rebuilding source package ? i've recompile freeradius-server-2.1.1 from source code. But when i try to run, jradius still not found i try with some parameter in configure command = ./configure --with-experimental-modules=yes and i got error like above when i try to run my radius server On Fri, Mar 8, 2013 at 8:39 AM, Fajar A. Nugraha l...@fajar.net wrote: On Fri, Mar 8, 2013 at 12:30 PM, Iftakhul Anwar an...@meruvian.org wrote: I try to downgrade to freeradius-server-2.1.1 as following from http://coova.org/JRadius/FreeRADIUS But when i try to running radiusd on foregound i got error message like bellow : I'm running on ubuntu 12.04 machine. Any suggestion what should i do in order to jradius running on my radius server ? How about actually doing what was suggested? Really, rebuilding a source package is easy enough. Even installing a package from Quantal on Precise is known to work in most cases. Google is your friend. Unless, of course, you decide to completely ignore the suggestions and do your own thing. That's fine too, but don't go complaining if something goes wrong. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Failed to load module jradius freeradius server
What is the right syntax for compile using experimental module ? I've try to ./configure --with-experimental-modules=yes then make and make install. But on i can't find jradius module in {installation folder}/modules i've also try ./configure --with-experimental-modules=rlm_jradius, but still same.I can't find jradius module after installation Help me to solve this,please Thanks On Fri, Mar 8, 2013 at 9:00 AM, Iftakhul Anwar an...@meruvian.org wrote: Hi Fajar, What do you mean rebuilding source package ? i've recompile freeradius-server-2.1.1 from source code. But when i try to run, jradius still not found i try with some parameter in configure command = ./configure --with-experimental-modules=yes and i got error like above when i try to run my radius server On Fri, Mar 8, 2013 at 8:39 AM, Fajar A. Nugraha l...@fajar.net wrote: On Fri, Mar 8, 2013 at 12:30 PM, Iftakhul Anwar an...@meruvian.org wrote: I try to downgrade to freeradius-server-2.1.1 as following from http://coova.org/JRadius/FreeRADIUS But when i try to running radiusd on foregound i got error message like bellow : I'm running on ubuntu 12.04 machine. Any suggestion what should i do in order to jradius running on my radius server ? How about actually doing what was suggested? Really, rebuilding a source package is easy enough. Even installing a package from Quantal on Precise is known to work in most cases. Google is your friend. Unless, of course, you decide to completely ignore the suggestions and do your own thing. That's fine too, but don't go complaining if something goes wrong. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Freeradius with either LDAP or Mysql Error lib not found
Hi All I just try to config freeradius using either Mysql or LDAP. But i get same error like bellow : [errror Mysq] Fri Mar 8 13:44:46 2013 : Error: Could not link driver rlm_sql_mysql: rlm_sql_mysql.so: cannot open shared object file: No such file or directory Fri Mar 8 13:44:46 2013 : Error: Make sure it (and all its dependent libraries!) are in the search path of your system's ld. Fri Mar 8 13:44:46 2013 : Error: /usr/local/etc/raddb/sql.conf[22]: Instantiation failed for module sql Fri Mar 8 13:44:46 2013 : Error: /usr/local/etc/raddb/sites-enabled/default[177]: Failed to find sql in the modules section. Fri Mar 8 13:44:46 2013 : Error: /usr/local/etc/raddb/sites-enabled/default[69]: Errors parsing authorize section. i've read in some article that it's solved by installed mysql-devel package. In this case i've installed libmysqlclient-dev on my ubuntu 12.04 But still get same error. It's also happen on my freeradius ldap? [error LDAP] /usr/local/etc/raddb/modules/ldap[29]: Failed to link to module 'rlm_ldap': rlm_ldap.so: cannot open shared object file: No such file or directory /usr/local/etc/raddb/sites-enabled/default[305]: Failed to find ldap in the modules section. /usr/local/etc/raddb/sites-enabled/default[305]: Failed to parse ldap How i can solve this issue ? Thanks -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Failed to load module jradius freeradius server
HI All, I just installed free radius server using apt-get on my ubuntu machine. Now i want to configure jradius on my freeradius server. I follow step by step from http://coova.org/JRadius/FreeRADIUS. Firstly my freeradius server running well, whereas i've configure it with mysql and coovachilli. Then i configure with jradius, i inserted module on radius.conf file on module section like bellow : # configure the rlm_jradius module jradius { name = radius # The Requester name (a single # JRadius server can have # multiple applications) primary = localhost # Uses default port 1814 secondary = 192.168.2.3 # Fail-over server tertiary = 192.168.2.3:8002# Fail-over server on port 8002 timeout = 1 # Connect Timeout onfail= NOOP # What to do if no JRadius # Server is found. Options are: # FAIL (default), OK, REJECT, NOOP keepalive = yes # Keep connections to JRadius pooled connections = 8 # Number of pooled JRadius connections } Then i add some authorization on /etc/freeradius/site-avalaible/default like bellow authorize { ... jradius } post-auth { ... jradius Post-Auth-Type REJECT { jradius } } preacct { ... jradius } accounting { ... jradius } Finally i try to running on foreground to know that my configuration has been success, but i get error message like bellow : Thu Mar 7 13:56:15 2013 : Debug: } # modules Thu Mar 7 13:56:15 2013 : Debug: } # server Thu Mar 7 13:56:15 2013 : Debug: server { # from file /etc/freeradius/radiusd.conf Thu Mar 7 13:56:15 2013 : Debug: modules { Thu Mar 7 13:56:15 2013 : Debug: Module: Checking authenticate {...} for more modules to load Thu Mar 7 13:56:15 2013 : Debug: (Loaded rlm_digest, checking if it's valid) Thu Mar 7 13:56:15 2013 : Debug: Module: Linked to module rlm_digest Thu Mar 7 13:56:15 2013 : Debug: Module: Instantiating module digest from file /etc/freeradius/modules/digest Thu Mar 7 13:56:15 2013 : Debug: Module: Checking authorize {...} for more modules to load Thu Mar 7 13:56:15 2013 : Debug: (Loaded rlm_preprocess, checking if it's valid) Thu Mar 7 13:56:15 2013 : Debug: Module: Linked to module rlm_preprocess Thu Mar 7 13:56:15 2013 : Debug: Module: Instantiating module preprocess from file /etc/freeradius/modules/preprocess Thu Mar 7 13:56:15 2013 : Debug: preprocess { Thu Mar 7 13:56:15 2013 : Debug: huntgroups = /etc/freeradius/huntgroups Thu Mar 7 13:56:15 2013 : Debug: hints = /etc/freeradius/hints Thu Mar 7 13:56:15 2013 : Debug: with_ascend_hack = no Thu Mar 7 13:56:15 2013 : Debug: ascend_channels_per_line = 23 Thu Mar 7 13:56:15 2013 : Debug: with_ntdomain_hack = no Thu Mar 7 13:56:15 2013 : Debug: with_specialix_jetstream_hack = no Thu Mar 7 13:56:15 2013 : Debug: with_cisco_vsa_hack = no Thu Mar 7 13:56:15 2013 : Debug: with_alvarion_vsa_hack = no Thu Mar 7 13:56:15 2013 : Debug: } Thu Mar 7 13:56:15 2013 : Error: /etc/freeradius/radiusd.conf[644]: Failed to link to module 'rlm_jradius': file not found Thu Mar 7 13:56:15 2013 : Error: /etc/freeradius/sites-enabled/default[71]: Failed to load module jradius. Thu Mar 7 13:56:15 2013 : Error: /etc/freeradius/sites-enabled/default[62]: Errors parsing authorize section. What this error ? How i can solve this issue ? Thanks -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html