Radius Squid authentication REJECT
Hi All,
I have successfully configure freeradius with mysql. i can radtest using
command :
sudo radtest alice password 192.168.2.3 1812 testing123
Sending Access-Request of id 187 to 192.168.2.3 port 1812
User-Name = alice
User-Password = password
NAS-IP-Address = 127.0.1.1
NAS-Port = 1812
Message-Authenticator = 0x
rad_recv: Access-Accept packet from host 192.168.2.3 port 1812,
id=187, length=20
Now i try squid using radius authentication.
i followed step by step from :
http://safesrv.net/setup-squid-and-freeradius-on-centos-5/#comment-1043
But i got error message log on cache.log
Warning: Received invalid reply digest from server
Warning: Received invalid reply digest from server
Warning: Received invalid reply digest from server
squid_rad_auth: No response from RADIUS server
On radius -X debug there is error message like bellow :
Sending duplicate reply to client localprivate port 42003 – ID: 2
Sending Access-Reject of id 2 to 192.168.2.3 port 42003
Waking up in 2.9 seconds.
rad_recv: Access-Request packet from host 192.168.2.3 port 42003,
id=2, length=63
Sending duplicate reply to client localprivate port 42003 – ID: 2
Sending Access-Reject of id 2 to 192.168.2.3 port 42003
Waking up in 0.9 seconds.
Found Auth-Type = PAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group PAP {…}
[pap] login attempt with password “b9?I? +�(�Ч�Y�?”
[pap] Using clear text password “password”
[pap] Passwords don’t match
++[pap] returns reject
Failed to authenticate the user.
WARNING: Unprintable characters in the password. Double-check the
shared secret on the server and the NAS!
Using Post-Auth-Type REJECT
What is that error ? How i can solve this
Thanks
--
*M.Iftakhul Anwar*
Meruvian Integrator
High Performance Computing / Cloud Computing (HPC/CC)
Office Phone : 021-93586577
Mobile Phone : 085215331477
Blog : http://blog.mervpolis.com/roller/anwar
FB : http://www.facebook.com/troya.adromeda
Website : www.meruvian.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius Squid authentication REJECT
Hi Matthias,
I don't use on my squid_rad_auth.conf.No space on my scret.
This is my squid_rad_auth.conf
server 192.168.2.3
secret testing123
On my radcheck, i also using Cleartext-Password on my racheck table
Any another clue ?
Thanks
On Thu, Apr 11, 2013 at 3:59 PM, Matthias Nagel
matthias.h.na...@gmail.comwrote:
Hello,
did you do what the warning says and double checked the shared secret?
As far as I see the squid_rad_auth.conf does not use quotation marks ()
to delimit the shared secret. Hence, perhaps you have trailing white spaces
or something like that at the end of the line. Delete the line secret in
squid_rad_auth.conf and type it again. I really mean to delete it in order
to get rid of unprintable characters you might not see.
Matthias
Am Donnerstag 11 April 2013, 15:47:33 schrieb Iftakhul Anwar:
Hi All,
I have successfully configure freeradius with mysql. i can radtest using
command :
sudo radtest alice password 192.168.2.3 1812 testing123
Sending Access-Request of id 187 to 192.168.2.3 port 1812
User-Name = alice
User-Password = password
NAS-IP-Address = 127.0.1.1
NAS-Port = 1812
Message-Authenticator = 0x
rad_recv: Access-Accept packet from host 192.168.2.3 port 1812,
id=187, length=20
Now i try squid using radius authentication.
i followed step by step from :
http://safesrv.net/setup-squid-and-freeradius-on-centos-5/#comment-1043
But i got error message log on cache.log
Warning: Received invalid reply digest from server
Warning: Received invalid reply digest from server
Warning: Received invalid reply digest from server
squid_rad_auth: No response from RADIUS server
On radius -X debug there is error message like bellow :
Sending duplicate reply to client localprivate port 42003 – ID: 2
Sending Access-Reject of id 2 to 192.168.2.3 port 42003
Waking up in 2.9 seconds.
rad_recv: Access-Request packet from host 192.168.2.3 port 42003,
id=2, length=63
Sending duplicate reply to client localprivate port 42003 – ID: 2
Sending Access-Reject of id 2 to 192.168.2.3 port 42003
Waking up in 0.9 seconds.
Found Auth-Type = PAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group PAP {…}
[pap] login attempt with password “b9?I? +�(�Ч�Y�?”
[pap] Using clear text password “password”
[pap] Passwords don’t match
++[pap] returns reject
Failed to authenticate the user.
WARNING: Unprintable characters in the password. Double-check the
shared secret on the server and the NAS!
Using Post-Auth-Type REJECT
What is that error ? How i can solve this
Thanks
--
Matthias Nagel
Willy-Andreas-Allee 1, Zimmer 506
76131 Karlsruhe
Telefon: +49-721-8695-1506
Mobil: +49-151-15998774
e-Mail: matthias.h.na...@gmail.com
ICQ: 499797758
Skype: nagmat84
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
--
*M.Iftakhul Anwar*
Meruvian Integrator
High Performance Computing / Cloud Computing (HPC/CC)
Office Phone : 021-93586577
Mobile Phone : 085215331477
Blog : http://blog.mervpolis.com/roller/anwar
FB : http://www.facebook.com/troya.adromeda
Website : www.meruvian.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius Squid authentication REJECT
I just use enter after my shared secret.
Any suggestions ?
On Thu, Apr 11, 2013 at 4:17 PM, Matthias Nagel
matthias.h.na...@gmail.comwrote:
Hello,
Am Donnerstag 11 April 2013, 16:07:08 schrieb Iftakhul Anwar:
Hi Matthias,
I don't use on my squid_rad_auth.conf
I know, that is the reason why I asked you to check for non-printable
characters AFTER your shared secret.
No space on my scret.
And what is between the last printable character of your secret and the
new line?
Matthias
This is my squid_rad_auth.conf
server 192.168.2.3
secret testing123
On my radcheck, i also using Cleartext-Password on my racheck table
Any another clue ?
Thanks
On Thu, Apr 11, 2013 at 3:59 PM, Matthias Nagel
matthias.h.na...@gmail.comwrote:
Hello,
did you do what the warning says and double checked the shared secret?
As far as I see the squid_rad_auth.conf does not use quotation marks
()
to delimit the shared secret. Hence, perhaps you have trailing white
spaces
or something like that at the end of the line. Delete the line
secret in
squid_rad_auth.conf and type it again. I really mean to delete it in
order
to get rid of unprintable characters you might not see.
Matthias
Am Donnerstag 11 April 2013, 15:47:33 schrieb Iftakhul Anwar:
Hi All,
I have successfully configure freeradius with mysql. i can radtest
using
command :
sudo radtest alice password 192.168.2.3 1812 testing123
Sending Access-Request of id 187 to 192.168.2.3 port 1812
User-Name = alice
User-Password = password
NAS-IP-Address = 127.0.1.1
NAS-Port = 1812
Message-Authenticator = 0x
rad_recv: Access-Accept packet from host 192.168.2.3 port 1812,
id=187, length=20
Now i try squid using radius authentication.
i followed step by step from :
http://safesrv.net/setup-squid-and-freeradius-on-centos-5/#comment-1043
But i got error message log on cache.log
Warning: Received invalid reply digest from server
Warning: Received invalid reply digest from server
Warning: Received invalid reply digest from server
squid_rad_auth: No response from RADIUS server
On radius -X debug there is error message like bellow :
Sending duplicate reply to client localprivate port 42003 – ID: 2
Sending Access-Reject of id 2 to 192.168.2.3 port 42003
Waking up in 2.9 seconds.
rad_recv: Access-Request packet from host 192.168.2.3 port 42003,
id=2, length=63
Sending duplicate reply to client localprivate port 42003 – ID: 2
Sending Access-Reject of id 2 to 192.168.2.3 port 42003
Waking up in 0.9 seconds.
Found Auth-Type = PAP
# Executing group from file
/usr/local/etc/raddb/sites-enabled/default
+- entering group PAP {…}
[pap] login attempt with password “b9?I? +�(�Ч�Y�?”
[pap] Using clear text password “password”
[pap] Passwords don’t match
++[pap] returns reject
Failed to authenticate the user.
WARNING: Unprintable characters in the password. Double-check the
shared secret on the server and the NAS!
Using Post-Auth-Type REJECT
What is that error ? How i can solve this
Thanks
--
Matthias Nagel
Willy-Andreas-Allee 1, Zimmer 506
76131 Karlsruhe
Telefon: +49-721-8695-1506
Mobil: +49-151-15998774
e-Mail: matthias.h.na...@gmail.com
ICQ: 499797758
Skype: nagmat84
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
--
Matthias Nagel
Willy-Andreas-Allee 1, Zimmer 506
76131 Karlsruhe
Telefon: +49-721-8695-1506
Mobil: +49-151-15998774
e-Mail: matthias.h.na...@gmail.com
ICQ: 499797758
Skype: nagmat84
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
--
*M.Iftakhul Anwar*
Meruvian Integrator
High Performance Computing / Cloud Computing (HPC/CC)
Office Phone : 021-93586577
Mobile Phone : 085215331477
Blog : http://blog.mervpolis.com/roller/anwar
FB : http://www.facebook.com/troya.adromeda
Website : www.meruvian.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius Squid authentication REJECT
Hi Adam,
I'm sorry my previous attachment too large,
This attachment log of radiusd -X output when i try to login using user =
alice with passwrod=password
Thanks
On Thu, Apr 11, 2013 at 8:02 PM, Iftakhul Anwar an...@meruvian.org wrote:
Hi Adam,
This attachment log of radiusd -X output when i try to login using user =
alice with passwrod=password
On Thu, Apr 11, 2013 at 4:55 PM, Adam Bishop adam.bis...@ja.net wrote:
On 11 Apr 2013, at 10:35, Iftakhul Anwar an...@meruvian.org wrote:
I just use enter after my shared secret.
Any suggestions ?
There are three possibilities
* The shared secret is wrong in the squid radius file
* The shared secret is wrong in the freeradius clients file
* Squid is broken (I think this unlikely)
As you've not posted a full debug log, all we can do is guess.
My guess is that radtest is using the secret defined in
clients.conf:client 127.0.0.1/8 and squid is using the secret defined in
clients.conf:client 192.168.2.3
Post a full log, and we can probably do more than guess.
Adam Bishop
gpg: 0x6609D460
Janet, the UK's research and education network.
Janet(UK) is a trading name of Jisc Collections and Janet Limited, a
not-for-profit company which is registered in England under No. 2881024
and whose Registered Office is at Lumen House, Library Avenue,
Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. 614944238
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
--
*M.Iftakhul Anwar*
Meruvian Integrator
High Performance Computing / Cloud Computing (HPC/CC)
Office Phone : 021-93586577
Mobile Phone : 085215331477
Blog : http://blog.mervpolis.com/roller/anwar
FB : http://www.facebook.com/troya.adromeda
Website : www.meruvian.org
--
*M.Iftakhul Anwar*
Meruvian Integrator
High Performance Computing / Cloud Computing (HPC/CC)
Office Phone : 021-93586577
Mobile Phone : 085215331477
Blog : http://blog.mervpolis.com/roller/anwar
FB : http://www.facebook.com/troya.adromeda
Website : www.meruvian.org
rlm_sql (sql): Attempting to connect rlm_sql_mysql #2
rlm_sql_mysql: Starting connect to MySQL server for #2
rlm_sql (sql): Connected new DB handle, #2
rlm_sql (sql): starting 3
rlm_sql (sql): Attempting to connect rlm_sql_mysql #3
rlm_sql_mysql: Starting connect to MySQL server for #3
rlm_sql (sql): Connected new DB handle, #3
rlm_sql (sql): starting 4
rlm_sql (sql): Attempting to connect rlm_sql_mysql #4
rlm_sql_mysql: Starting connect to MySQL server for #4
rlm_sql (sql): Connected new DB handle, #4
Module: Checking preacct {...} for more modules to load
Module: Linked to module rlm_acct_unique
Module: Instantiating module acct_unique from file
/usr/local/etc/raddb/modules/acct_unique
acct_unique {
key = User-Name, Acct-Session-Id, NAS-IP-Address, NAS-Identifier,
NAS-Port
}
Module: Checking accounting {...} for more modules to load
Module: Linked to module rlm_detail
Module: Instantiating module detail from file
/usr/local/etc/raddb/modules/detail
detail {
detailfile =
/usr/local/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d
header = %t
detailperm = 384
dirperm = 493
locking = no
log_packet_header = no
}
Module: Linked to module rlm_attr_filter
Module: Instantiating module attr_filter.accounting_response from file
/usr/local/etc/raddb/modules/attr_filter
attr_filter attr_filter.accounting_response {
attrsfile = /usr/local/etc/raddb/attrs.accounting_response
key = %{User-Name}
relaxed = no
}
reading pairlist file /usr/local/etc/raddb/attrs.accounting_response
Module: Checking session {...} for more modules to load
Module: Linked to module rlm_radutmp
Module: Instantiating module radutmp from file
/usr/local/etc/raddb/modules/radutmp
radutmp {
filename = /usr/local/var/log/radius/radutmp
username = %{User-Name}
case_sensitive = yes
check_with_nas = yes
perm = 384
callerid = yes
}
Module: Checking post-proxy {...} for more modules to load
Module: Checking post-auth {...} for more modules to load
Module: Instantiating module attr_filter.access_reject from file
/usr/local/etc/raddb/modules/attr_filter
attr_filter attr_filter.access_reject {
attrsfile = /usr/local/etc/raddb/attrs.access_reject
key = %{User-Name}
relaxed = no
}
reading pairlist file /usr/local/etc/raddb/attrs.access_reject
} # modules
} # server
server inner-tunnel { # from file
/usr/local/etc/raddb/sites-enabled/inner-tunnel
modules {
Module: Checking authenticate {...} for more modules to load
Module: Checking authorize {...} for more modules to load
Module: Checking session {...} for more modules to load
Module: Checking post-proxy {...} for more modules to load
Module: Checking post-auth
Re: Radius Squid authentication REJECT
I'm sorry i really newbie. Actually my shared password is default using testing123.This is my configuration on my squid_rad_auth.conf squid_rad_auth.conf - server 192.168.2.3 secret testing123 and this is my configuration on squid.conf # TAG: auth_param #auth_param basic program /etc/squid3/squid_radius_auth -f /etc/squid3/squid_rad_auth.conf auth_param basic program /etc/squid3/squid_radius_auth -f /usr/local/squid/etc/squid_radius_auth.conf auth_param basic children 5 auth_param basic realm web-proxy auth_param basic credentialsttl 5 minutes auth_param basic casesensitive off acl radius-auth proxy_auth REQUIRED # TAG: http_access http_access allow radius-auth http_access allow localhost any something wrong ? i suspicious in log: [pap] login attempt with password “b9?I? +�(�Ч�Y�?” [pap] Using clear text password “password” [pap] Passwords don’t match Is it because of different authentification method between squid and radius ? On Thu, Apr 11, 2013 at 10:35 PM, a.l.m.bu...@lboro.ac.uk wrote: Hi, look: WARNING: Unprintable characters in the password. Double-check the shared secret on the server and the NAS! there. incorrect shared secret...as already said several times in this thread...OR the squid code is broken. if this is working fine, then because its PAP you will see the password in User-Password clear as day. you dont, its all corrupted, because incorrect shared secret. put eg radtest onto the squid box and check that you can fire off a dumb RADIUS query to your FR box from the squid box alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius Squid authentication REJECT
Hi,
I'm sorry,
This is response log from radiusd -X when i try long using usr:alice
password: password
Cleaning up request 3 ID 4 with timestamp +116
Ready to process requests.
rad_recv: Access-Request packet from host 192.168.2.3 port 55467, id=4,
length=63
User-Name = alice
User-Password = \335\307-\245#ˎ!7\036f\023\217\3630\257
NAS-Port = 111
NAS-Port-Type = Async
NAS-IP-Address = 192.168.2.3
# Executing section authorize from file
/usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = alice, looking up realm NULL
[suffix] No such realm NULL
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
++[files] returns noop
[sql] expand: %{User-Name} - alice
[sql] sql_set_user escaped user -- 'alice'
rlm_sql (sql): Reserving sql socket id: 0
[sql] expand: SELECT id, username, attribute, value, op FROM
radcheck WHERE username = '%{SQL-User-Name}' ORDER BY
id - SELECT id, username, attribute, value, op FROM radcheck
WHERE username = 'alice' ORDER BY id
[sql] User found in radcheck table
[sql] expand: SELECT id, username, attribute, value, op FROM
radreply WHERE username = '%{SQL-User-Name}' ORDER BY
id - SELECT id, username, attribute, value, op FROM radreply
WHERE username = 'alice' ORDER BY id
[sql] expand: SELECT groupname FROM radusergroup WHERE
username = '%{SQL-User-Name}' ORDER BY priority - SELECT
groupname FROM radusergroup WHERE username = 'alice'
ORDER BY priority
rlm_sql (sql): Released sql socket id: 0
++[sql] returns ok
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns updated
Found Auth-Type = PAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group PAP {...}
[pap] login attempt with password \DD\C7-\A5#\CB?!7?f??\F30\AF
[pap] Using clear text password password
[pap] Passwords don't match
++[pap] returns reject
Failed to authenticate the user.
WARNING: Unprintable characters in the password. Double-check the shared
secret on the server and the NAS!
Using Post-Auth-Type REJECT
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group REJECT {...}
[attr_filter.access_reject] expand: %{User-Name} - alice
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 4 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 4
Sending Access-Reject of id 4 to 192.168.2.3 port 55467
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 192.168.2.3 port 55467, id=4,
length=63
Sending duplicate reply to client localprivate port 55467 - ID: 4
Sending Access-Reject of id 4 to 192.168.2.3 port 55467
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 192.168.2.3 port 55467, id=4,
length=63
Sending duplicate reply to client localprivate port 55467 - ID: 4
Sending Access-Reject of id 4 to 192.168.2.3 port 55467
Waking up in 3.9 seconds.
rad_recv: Access-Request packet from host 192.168.2.3 port 55467, id=4,
length=63
Sending duplicate reply to client localprivate port 55467 - ID: 4
Sending Access-Reject of id 4 to 192.168.2.3 port 55467
Waking up in 2.9 seconds.
rad_recv: Access-Request packet from host 192.168.2.3 port 55467, id=4,
length=63
Sending duplicate reply to client localprivate port 55467 - ID: 4
Sending Access-Reject of id 4 to 192.168.2.3 port 55467
Waking up in 1.9 seconds.
rad_recv: Access-Request packet from host 192.168.2.3 port 55467, id=4,
length=63
Sending duplicate reply to client localprivate port 55467 - ID: 4
Sending Access-Reject of id 4 to 192.168.2.3 port 55467
Waking up in 0.9 seconds.
Cleaning up request 4 ID 4 with timestamp +122
Ready to process requests.
On Thu, Apr 11, 2013 at 11:22 PM, a.l.m.bu...@lboro.ac.uk wrote:
Hi,
Hi, previously i've attached my log as attachment :)
no, you havent :-(
all you have attached is the stuff that you felt you wanted to send.
without sending
the FULL output of radiusd -X FROM THE START we cannot see where you have
gone wrong.
HOW can we help if you dont give us the information we request?
alan
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
--
*M.Iftakhul Anwar*
Meruvian Integrator
High Performance Computing / Cloud Computing (HPC/CC)
Office Phone : 021-93586577
Mobile Phone : 085215331477
Blog : http://blog.mervpolis.com/roller/anwar
FB : http://www.facebook.com/troya.adromeda
Website : www.meruvian.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius Squid authentication REJECT
Hi All Thanks i've successfull configure squid using radius authentification. Actually i need install squid from source with parameter bellow when compile that source ( http://wiki.squid-cache.org/ConfigExamples/Authenticate/Radius) *--enable-basic-auth-helpers=squid_radius_auth* Previously i used squid3 from apt-get . Thanks :) * * * * * * On Fri, Apr 12, 2013 at 12:36 AM, Alan DeKok al...@deployingradius.comwrote: Iftakhul Anwar wrote: This is response log from radiusd -X when i try long using usr:alice password: password No, it's not. You need to follow instructions. If you ask questions and ignore the answers, that's rude. Either follow instructions, or stop posting the same questions. If you don't follow instructions, you will be unsubscribed and banned from the list. Following instructions shouldn't be hard. Do it, or else. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Failed to disconnect online user with custom table
Hi All, I've develop application which use freeradius and use coova as captive portal.I use jradius to communicate with freeradius. Now, new user will be store in my custom table (not in radcheck as default freeradius). Now i try to disconnect user online (use:admin) with command bellow : *sudo echo User-Name=admin | radclient -x localhost:3779 disconnect testing123* but i get no response like bellow : Sending Disconnect-Request of id 251 to 127.0.0.1 port 3779 User-Name = admin Sending Disconnect-Request of id 251 to 127.0.0.1 port 3779 User-Name = admin Sending Disconnect-Request of id 251 to 127.0.0.1 port 3779 User-Name = admin radclient: no response from server for ID 251 socket 3 I try to check 3779 port with netstat, but system not listen that port. Any suggestion how to solve this problem ? Thanks -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Cannot disconnect radius user using radclient
Hi All, I've successfully install coovachili anda freeradius using mysql database. Now I've just try to disconnect coovachilli user online with radclient command: I try with command bellow to disconect user=alice * echo User-Name=alice | radclient -x localhost:3779 disconnect testing123 * *Sending Disconnect-Request of id 126 to 127.0.0.1 port 3779* * User-Name = alice* *rad_recv: Disconnect-ACK packet from host 127.0.0.1 port 3779, id=126, length=20* And then, user alice be disconnect from coova. Then i try to give disconnect command using remote acces using command bellow : *echo User-Name=alice | radclient -x 192.168.2.3:3779 disconnect testing123* *Sending Disconnect-Request of id 78 to 192.168.2.3 port 3779* * User-Name = alice* *radclient: no response from server for ID 78 socket 3* * * Note: 192.168.2.3 is ip of radius server But no response from radius server. I've add on client.conf ip address which i use to radius client.But still have same problem. I try that command on my local machine using comand : *echo User-Name=alice | radclient -x 192.168.2.3:3779 disconnect testing123* * * Radius still no response. How i can execute this command both of on local and on remote machine ? Thanks -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Cannot disconnect radius user using radclient
I've run server on debug mode.
But when i try to execute : echo User-Name=alice | radclient -x
192.168.2.3:3779 disconnect testing123
[output bellow]
*$ echo User-Name=alice | radclient -x 192.168.2.3:3779 disconnect
testing123*
*Sending Disconnect-Request of id 185 to 192.168.2.3 port 3779*
* User-Name = alice*
*Sending Disconnect-Request of id 185 to 192.168.2.3 port 3779*
* User-Name = alice*
*Sending Disconnect-Request of id 185 to 192.168.2.3 port 3779*
* User-Name = alice*
*radclient: no response from server for ID 185 socket 3*
*
*
On server radius debug mode there are no output,
But when i try to execute
*$ echo User-Name=alice | radclient -x localhost:3779 disconnect
testing123*
*Sending Disconnect-Request of id 40 to 127.0.0.1 port 3779*
* User-Name = alice*
*rad_recv: Disconnect-ACK packet from host 127.0.0.1 port 3779, id=40,
length=20*
i got log bellow on radius debug mode:
*Cleaning up request 145 ID 213 with timestamp +22592*
*Ready to process requests.*
*rad_recv: Accounting-Request packet from host 127.0.0.1 port 3779, id=70,
length=264*
* ChilliSpot-Version = 1.3.0*
* ChilliSpot-Attr-10 = 0x0002*
* Event-Timestamp = Mar 10 2013 21:24:48 WIT*
* User-Name = alice*
* Acct-Input-Octets = 18078*
* Acct-Output-Octets = 2132*
* Acct-Input-Gigawords = 0*
* Acct-Output-Gigawords = 0*
* Acct-Input-Packets = 16*
* Acct-Output-Packets = 18*
* Acct-Session-Time = 16*
* Acct-Terminate-Cause = Admin-Reset*
* Acct-Status-Type = Stop*
* Acct-Session-Id = 513c977b0001*
* Framed-IP-Address = 10.1.0.3*
* NAS-Port-Type = Wireless-802.11*
* NAS-Port = 1*
* NAS-Port-Id = 0001*
* Calling-Station-Id = 00-19-DB-3B-84-15*
* Called-Station-Id = F4-EC-38-80-74-3A*
* NAS-IP-Address = 10.1.0.1*
* NAS-Identifier = nas01*
* WISPr-Location-ID = isocc=,cc=,ac=,network=Coova,*
* WISPr-Location-Name = My_HotSpot*
*# Executing section preacct from file
/usr/local/etc/raddb/sites-enabled/default*
*+- entering group preacct {...}*
*++[preprocess] returns ok*
*
*
*++[jradius] returns noop*
*[acct_unique] Hashing 'NAS-Port = 1,NAS-Identifier =
nas01,NAS-IP-Address = 10.1.0.1,Acct-Session-Id =
513c977b0001,User-Name = alice'*
*[acct_unique] Acct-Unique-Session-ID = 111cacfa42a2853f.*
*++[acct_unique] returns ok*
*[suffix] No '@' in User-Name = alice, looking up realm NULL*
*[suffix] No such realm NULL*
*++[suffix] returns noop*
*++[files] returns noop*
*# Executing section accounting from file
/usr/local/etc/raddb/sites-enabled/default*
*+- entering group accounting {...}*
*[detail] expand: %{Packet-Src-IP-Address} - 127.0.0.1*
*[detail] expand:
/usr/local/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d
- /usr/local/var/log/radius/radacct/127.0.0.1/detail-20130310*
*[detail]
/usr/local/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d
expands to /usr/local/var/log/radius/radacct/127.0.0.1/detail-20130310*
*[detail] expand: %t - Sun Mar 10 21:24:48 2013*
*++[detail] returns ok*
*
*
*++[jradius] returns noop*
*[sql] expand: %{User-Name} - alice*
*[sql] sql_set_user escaped user -- 'alice'*
*[sql] expand: %{Acct-Input-Gigawords} - 0*
*[sql] expand: %{Acct-Input-Octets} - 18078*
*[sql] expand: %{Acct-Output-Gigawords} - 0*
*[sql] expand: %{Acct-Output-Octets} - 2132*
*[sql] expand: %{Acct-Delay-Time} - *
*[sql] ... expanding second conditional*
*[sql] expand:UPDATE radacct SET acctstoptime
= '%S', acctsessiontime= '%{Acct-Session-Time}',
acctinputoctets= '%{%{Acct-Input-Gigawords}:-0}' 32 |
'%{%{Acct-Input-Octets}:-0}',
acctoutputoctets = '%{%{Acct-Output-Gigawords}:-0}' 32 |
'%{%{Acct-Output-Octets}:-0}',
acctterminatecause = '%{Acct-Terminate-Cause}', acctstopdelay
= '%{%{Acct-Delay-Time}:-0}', connectinfo_stop =
'%{Connect-Info}' WHERE acctsessionid = '%{Acct-Session-Id}'
AND username = '%{SQL-User-Name}' AND
nasipaddress = '%{NAS-IP-Address}' -UPDATE radacct SET
acctstoptime = '2013-03-10 21:24:48',
acctsessiontime= '16', acctinputoctets= '0' 32 |
'18078', acctoutputoctets =
'0' 32 | *
*rlm_sql (sql): Reserving sql socket id: 2*
*rlm_sql (sql): Released sql socket id: 2*
*++[sql] returns ok*
*++[exec] returns noop*
*[attr_filter.accounting_response] expand: %{User-Name} - alice*
*attr_filter: Matched entry DEFAULT at line 12*
*++[attr_filter.accounting_response] returns updated*
*Sending Accounting-Response of id 70 to 127.0.0.1 port 3779*
*Finished request 147.*
*Cleaning up request 147 ID 70 with timestamp +22608*
*Going to the next request*
*Ready to process requests.*
Any suggestions ?
On Sun, Mar 10, 2013 at 8:59 PM, Alan DeKok al...@deployingradius.comwrote:
Iftakhul Anwar wrote:
/echo User-Name=alice | radclient -x 192.168.2.3
Re: Cannot disconnect radius user using radclient
On site-avalaible/coa i've get this :
listen {
type = coa
ipaddr = *
port = 3799
server = coa
}
I think it have been listener 3799.
I've try to dsable my firewall too, but still same problem
On Sun, Mar 10, 2013 at 9:57 PM, Alan DeKok al...@deployingradius.comwrote:
Iftakhul Anwar wrote:
I've run server on debug mode.
You didn't post it. As suggested in the FAQ, man page, web pages,
and daily on this list.
But when i try to execute : echo User-Name=alice | radclient -x
192.168.2.3:3779 disconnect testing123
You already said that.
On server radius debug mode there are no output,
So... you didn't configure the server to listen on port 3779. See
raddb/sites-available/coa
This is documented.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
--
*M.Iftakhul Anwar*
Meruvian Integrator
High Performance Computing / Cloud Computing (HPC/CC)
Office Phone : 021-93586577
Mobile Phone : 085215331477
Blog : http://blog.mervpolis.com/roller/anwar
FB : http://www.facebook.com/troya.adromeda
Website : www.meruvian.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Cannot disconnect radius user using radclient
i've enable with link coa on site-avalaible to site-enable, when i try to run on debug mode also appear that port 3779 is listen: Sending Accounting-Response of id 1 to 127.0.0.1 port 3779 Finished request 2. Cleaning up request 2 ID 1 with timestamp +182 Going to the next request Waking up in 4.8 seconds. Cleaning up request 1 ID 6 with timestamp +181 Ready to process requests But when i try to execute command to disconnect , still not response: echo User-Name=alice | radclient -x 192.168.2.3:3779 disconnect testing123 Sending Disconnect-Request of id 78 to 192.168.2.3 port 3779 User-Name = alice Sending Disconnect-Request of id 78 to 192.168.2.3 port 3779 User-Name = alice Sending Disconnect-Request of id 78 to 192.168.2.3 port 3779 User-Name = alice radclient: no response from server for ID 78 socket 3 Actually i execute it inside radius server machie (ip 192.168.2.3) are there missing configuration ? On Sun, Mar 10, 2013 at 10:10 PM, Alan DeKok al...@deployingradius.comwrote: Iftakhul Anwar wrote: On site-avalaible/coa i've get this : You're supposed to READ IT. And ENABLE IT. You do know how to enable it, right? You know the difference between raddb/sites-enabled and raddb/sites-available? And the point of running the server in debugging mode is to READ IT. If it doesn't say listening on 3799, then you CAN'T SEND IT PACKETS to port 3799. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Cannot access radius server from remote host
Hi All, I just try connect radius server remotely. i've try to radtest with command : radtest user1 meruvian localhost 1812 testing123 Sending Access-Request of id 133 to 127.0.0.1 port 1812 User-Name = user1 User-Password = meruvian NAS-IP-Address = 127.0.0.1 NAS-Port = 1812 Message-Authenticator = 0x rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=133, length=20 ## i get accept response from radius server. But when i try with command bellow i got error message like a no respon from radius server: radtest user1 meruvian 192.168.2.3 1812 testing123 Sending Access-Request of id 12 to 192.168.2.3 port 1812 User-Name = user1 User-Password = meruvian NAS-IP-Address = 127.0.0.1 NAS-Port = 1812 Message-Authenticator = 0x Sending Access-Request of id 12 to 192.168.2.3 port 1812 User-Name = user1 User-Password = meruvian NAS-IP-Address = 127.0.0.1 NAS-Port = 1812 Message-Authenticator = 0x Sending Access-Request of id 12 to 192.168.2.3 port 1812 User-Name = user1 User-Password = meruvian NAS-IP-Address = 127.0.0.1 NAS-Port = 1812 Message-Authenticator = 0x radclient: no response from server for ID 12 socket 3 Note:192.168.2.3 is ip of radius server. How i can try to connect radius server from another host ? i've try to disable my firewall. but still get no respon from server. Help me to solve this. Thanks -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Cannot access radius server from remote host
Hi Muhammad,
Thanks for your reply,it's solve my problem :)
Thanks very much
On Sat, Mar 9, 2013 at 5:43 PM, Muhammad Nadeem mnadeem8...@gmail.comwrote:
For this you have to define the IP address and shared secret on the Radius
server in client.config
following is an entry that define that you can send request from an
computer having 192.168.0.102 IP address.
client 192.168.0.102 {
ipaddr = 192.168.0.102
secret = testing123
}
Please read client.config for further details
On Sat, Mar 9, 2013 at 3:35 PM, Iftakhul Anwar an...@meruvian.org wrote:
Hi All,
I just try connect radius server remotely.
i've try to radtest with command :
radtest user1 meruvian localhost 1812 testing123
Sending Access-Request of id 133 to 127.0.0.1 port 1812
User-Name = user1
User-Password = meruvian
NAS-IP-Address = 127.0.0.1
NAS-Port = 1812
Message-Authenticator = 0x
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=133,
length=20
## i get accept response from radius server.
But when i try with command bellow i got error message like a no respon
from radius server:
radtest user1 meruvian 192.168.2.3 1812 testing123
Sending Access-Request of id 12 to 192.168.2.3 port 1812
User-Name = user1
User-Password = meruvian
NAS-IP-Address = 127.0.0.1
NAS-Port = 1812
Message-Authenticator = 0x
Sending Access-Request of id 12 to 192.168.2.3 port 1812
User-Name = user1
User-Password = meruvian
NAS-IP-Address = 127.0.0.1
NAS-Port = 1812
Message-Authenticator = 0x
Sending Access-Request of id 12 to 192.168.2.3 port 1812
User-Name = user1
User-Password = meruvian
NAS-IP-Address = 127.0.0.1
NAS-Port = 1812
Message-Authenticator = 0x
radclient: no response from server for ID 12 socket 3
Note:192.168.2.3 is ip of radius server.
How i can try to connect radius server from another host ? i've try to
disable my firewall. but still get no respon from server.
Help me to solve this.
Thanks
--
*M.Iftakhul Anwar*
Meruvian Integrator
High Performance Computing / Cloud Computing (HPC/CC)
Office Phone : 021-93586577
Mobile Phone : 085215331477
Blog : http://blog.mervpolis.com/roller/anwar
FB : http://www.facebook.com/troya.adromeda
Website : www.meruvian.org
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
--
Best Regards
Muhammad Nadeem
Muhammad Ali Jinnah University
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
--
*M.Iftakhul Anwar*
Meruvian Integrator
High Performance Computing / Cloud Computing (HPC/CC)
Office Phone : 021-93586577
Mobile Phone : 085215331477
Blog : http://blog.mervpolis.com/roller/anwar
FB : http://www.facebook.com/troya.adromeda
Website : www.meruvian.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius with either LDAP or Mysql Error lib not found
I've installed mysql-server on my system even before i installed freeradius server. Any another tips to solve this ? On Fri, Mar 8, 2013 at 2:59 PM, Muhammad Nadeem mnadeem8...@gmail.comwrote: Fri Mar 8 13:44:46 2013 : Error: Could not link driver rlm_sql_mysql: rlm_sql_mysql.so: cannot open shared object file: No such file or directory It seems that your mysql drivers have not been installed successfully, thanks to freeradius, it has the option to install mysql server along free radius . (use this command sudo apt-get install mysql-server (somthing like that if not work,, google it). Hopefully problem will be solve On Fri, Mar 8, 2013 at 12:51 PM, Iftakhul Anwar an...@meruvian.orgwrote: Hi All I just try to config freeradius using either Mysql or LDAP. But i get same error like bellow : [errror Mysq] Fri Mar 8 13:44:46 2013 : Error: Could not link driver rlm_sql_mysql: rlm_sql_mysql.so: cannot open shared object file: No such file or directory Fri Mar 8 13:44:46 2013 : Error: Make sure it (and all its dependent libraries!) are in the search path of your system's ld. Fri Mar 8 13:44:46 2013 : Error: /usr/local/etc/raddb/sql.conf[22]: Instantiation failed for module sql Fri Mar 8 13:44:46 2013 : Error: /usr/local/etc/raddb/sites-enabled/default[177]: Failed to find sql in the modules section. Fri Mar 8 13:44:46 2013 : Error: /usr/local/etc/raddb/sites-enabled/default[69]: Errors parsing authorize section. i've read in some article that it's solved by installed mysql-devel package. In this case i've installed libmysqlclient-dev on my ubuntu 12.04 But still get same error. It's also happen on my freeradius ldap? [error LDAP] /usr/local/etc/raddb/modules/ldap[29]: Failed to link to module 'rlm_ldap': rlm_ldap.so: cannot open shared object file: No such file or directory /usr/local/etc/raddb/sites-enabled/default[305]: Failed to find ldap in the modules section. /usr/local/etc/raddb/sites-enabled/default[305]: Failed to parse ldap How i can solve this issue ? Thanks -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Best Regards Muhammad Nadeem Muhammad Ali Jinnah University - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius with either LDAP or Mysql Error lib not found
HI All, I just recompile my freeadius with specific directory library.I use command : ./configure --with-mysql-lib-dir=/usr/lib/mysql --with-ldap-lib-dir=/usr/lib/ldap Now ldap and mysql running well :D Thanks all On Fri, Mar 8, 2013 at 3:41 PM, Alan Buxey a.l.m.bu...@lboro.ac.uk wrote: As Fajar says, some distros split up the functions into separate packages (so you don't need to install loads of things just to have a basic server) use your package manager to find/install the sub packages alan -- This smartphone uses free WiFi around the world with eduroam, now that's what I call smart. -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Failed to load module jradius freeradius server
Hi Alan, Any guide how to test jradius on my freeradius configuration.I just want to ensure that my jradius configuration running well and next developer can using it. Thanks On Fri, Mar 8, 2013 at 3:39 PM, Alan Buxey a.l.m.bu...@lboro.ac.uk wrote: This is the freeradius list, not the jradius list. If you want help and advice then use the appropriate list Many thanks alan -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Failed to load module jradius freeradius server
Actually i install freeradius from apt-get , But i try configure jradius On Thu, Mar 7, 2013 at 6:27 PM, Olivier Beytrison oliv...@heliosnet.orgwrote: On 07.03.2013 07:57, Iftakhul Anwar wrote: HI All, I just installed free radius server using apt-get on my ubuntu machine. Now i want to configure jradius on my freeradius server. I follow step by step from http://coova.org/JRadius/**FreeRADIUShttp://coova.org/JRadius/FreeRADIUS . Are you sure ? By default rlm_jradius is not compiled because it is considered experimental. So you have either to add --with-experimental-modules=**yes or as explained on the link above to add rlm_jradius to src/modules/stable Now if the module failed to compile (check the compilation process) then it won't be installed in your system. You should have a rlm_jradius.so file where your freeradius libraries are installed. Olivier -- Olivier Beytrison Network Security Engineer, HES-SO Fribourg Mail: oliv...@heliosnet.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/** list/users.html http://www.freeradius.org/list/users.html -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Failed to load module jradius freeradius server
Actually i install freeradius from apt-get , But i try configure jradius following tutorial from http://coova.org/JRadius/FreeRADIUS How i can add this module to radius server if i using apt-get ? On Thu, Mar 7, 2013 at 10:55 PM, Iftakhul Anwar an...@meruvian.org wrote: Actually i install freeradius from apt-get , But i try configure jradius On Thu, Mar 7, 2013 at 6:27 PM, Olivier Beytrison oliv...@heliosnet.orgwrote: On 07.03.2013 07:57, Iftakhul Anwar wrote: HI All, I just installed free radius server using apt-get on my ubuntu machine. Now i want to configure jradius on my freeradius server. I follow step by step from http://coova.org/JRadius/**FreeRADIUShttp://coova.org/JRadius/FreeRADIUS . Are you sure ? By default rlm_jradius is not compiled because it is considered experimental. So you have either to add --with-experimental-modules=**yes or as explained on the link above to add rlm_jradius to src/modules/stable Now if the module failed to compile (check the compilation process) then it won't be installed in your system. You should have a rlm_jradius.so file where your freeradius libraries are installed. Olivier -- Olivier Beytrison Network Security Engineer, HES-SO Fribourg Mail: oliv...@heliosnet.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/** list/users.html http://www.freeradius.org/list/users.html -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Failed to load module jradius freeradius server
I try to configure with command : ./configure --with-experimental-modules=yes but i got error like bellow : if [ xrlm_cram != x ]; then \ /home/iam/Downloads/freeradius-server-2.2.0/libtool --mode=install /home/iam/Downloads/freeradius-server-2.2.0/install-sh -c -c \ rlm_cram.la /usr/local/lib/rlm_cram.la || exit $?; \ rm -f /usr/local/lib/rlm_cram-2.2.0.la; \ ln -s rlm_cram.la /usr/local/lib/rlm_cram-2.2.0.la || exit $?; \ fi libtool: install: `rlm_cram.la' is not a valid libtool archive Try `libtool --help --mode=install' for more information. make[6]: *** [install] Error 1 make[6]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0/src/modules/rlm_cram' make[5]: *** [rlm_cram] Error 2 make[5]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0/src/modules' make[4]: *** [install] Error 2 make[4]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0/src/modules' make[3]: *** [modules] Error 2 make[3]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0/src' make[2]: *** [install] Error 2 make[2]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0/src' make[1]: *** [src] Error 2 make[1]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0' How about copy rlm_jradius to src/modules/stable manually ? Where i can download rlm_jradius for freerdaius ? Thanks On Thu, Mar 7, 2013 at 11:06 PM, Olivier Beytrison oliv...@heliosnet.orgwrote: On 07.03.2013 16:56, Iftakhul Anwar wrote: Actually i install freeradius from apt-get , But i try configure jradius following tutorial from http://coova.org/JRadius/FreeRADIUS How i can add this module to radius server if i using apt-get ? You can't. You have to compile it. experimental modules are usually not available in binary distribution. Either compile it by hand and install it, or build your own debian packages. follow http://wiki.freeradius.org/building/Build and remember to add either --with-experimental-modules=yes or add rlm_jradius to src/modules/stable Olivier -- Olivier Beytrison Network Security Engineer, HES-SO Fribourg Mail: oliv...@heliosnet.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Failed to load module jradius freeradius server
i've found rlm_jradius on src/modules. But after i ./configure and make and make install i can't found jradius modules on my radiusd installation. Then I try to configure with command : ./configure --with-experimental-modules=yes but i got error like bellow : if [ xrlm_cram != x ]; then \ /home/iam/Downloads/freeradius-server-2.2.0/libtool --mode=install /home/iam/Downloads/freeradius-server-2.2.0/install-sh -c -c \ rlm_cram.la /usr/local/lib/rlm_cram.la || exit $?; \ rm -f /usr/local/lib/rlm_cram-2.2.0.la; \ ln -s rlm_cram.la /usr/local/lib/rlm_cram-2.2.0.la || exit $?; \ fi libtool: install: `rlm_cram.la' is not a valid libtool archive Try `libtool --help --mode=install' for more information. make[6]: *** [install] Error 1 make[6]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0/src/modules/rlm_cram' make[5]: *** [rlm_cram] Error 2 make[5]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0/src/modules' make[4]: *** [install] Error 2 make[4]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0/src/modules' make[3]: *** [modules] Error 2 make[3]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0/src' make[2]: *** [install] Error 2 make[2]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0/src' make[1]: *** [src] Error 2 make[1]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0' i'm running on ubuntu 12.04 is there bug of freeradius 2.2.0 for this ubuntu version On Fri, Mar 8, 2013 at 7:17 AM, Fajar A. Nugraha l...@fajar.net wrote: On Fri, Mar 8, 2013 at 3:02 AM, Arran Cudbard-Bell a.cudba...@freeradius.org wrote: On 7 Mar 2013, at 10:55, Iftakhul Anwar an...@meruvian.org wrote: Actually i install freeradius from apt-get , Right, so jradius won't have been built. Actually, it should be available. That is, if you use Ubuntu Quantal, or Debian Testing. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599067 http://changelogs.ubuntu.com/changelogs/pool/main/f/freeradius/freeradius_2.1.12+dfsg-1.1/changelog If you use older version of the distro (e.g. Ubuntu precise) then you either need to rebuild the source package, or learn how to install packages from other distro/versions. Both are outside the scope of this list, but should be easy to do with the help of Google search. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Failed to load module jradius freeradius server
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server_pool my_auth_failover {
type = fail-over
home_server = localhost
}
realm example.com {
auth_pool = my_auth_failover
}
realm LOCAL {
}
Segmentation fault (core dumped)
I'm running on ubuntu 12.04 machine.
Any suggestion what should i do in order to jradius running on my radius
server ?
On Fri, Mar 8, 2013 at 7:21 AM, Iftakhul Anwar an...@meruvian.org wrote:
i've found rlm_jradius on src/modules.
But after i ./configure and make and make install i can't found jradius
modules on my radiusd installation.
Then I try to configure with command : ./configure
--with-experimental-modules=yes
but i got error like bellow :
if [ xrlm_cram != x ]; then \
/home/iam/Downloads/freeradius-server-2.2.0/libtool --mode=install
/home/iam/Downloads/freeradius-server-2.2.0/install-sh -c -c \
rlm_cram.la /usr/local/lib/rlm_cram.la || exit $?; \
rm -f /usr/local/lib/rlm_cram-2.2.0.la; \
ln -s rlm_cram.la /usr/local/lib/rlm_cram-2.2.0.la || exit $?; \
fi
libtool: install: `rlm_cram.la' is not a valid libtool archive
Try `libtool --help --mode=install' for more information.
make[6]: *** [install] Error 1
make[6]: Leaving directory
`/home/iam/Downloads/freeradius-server-2.2.0/src/modules/rlm_cram'
make[5]: *** [rlm_cram] Error 2
make[5]: Leaving directory
`/home/iam/Downloads/freeradius-server-2.2.0/src/modules'
make[4]: *** [install] Error 2
make[4]: Leaving directory
`/home/iam/Downloads/freeradius-server-2.2.0/src/modules'
make[3]: *** [modules] Error 2
make[3]: Leaving directory
`/home/iam/Downloads/freeradius-server-2.2.0/src'
make[2]: *** [install] Error 2
make[2]: Leaving directory
`/home/iam/Downloads/freeradius-server-2.2.0/src'
make[1]: *** [src] Error 2
make[1]: Leaving directory `/home/iam/Downloads/freeradius-server-2.2.0'
i'm running on ubuntu 12.04
is there bug of freeradius 2.2.0 for this ubuntu version
On Fri, Mar 8, 2013 at 7:17 AM, Fajar A. Nugraha l...@fajar.net wrote:
On Fri, Mar 8, 2013 at 3:02 AM, Arran Cudbard-Bell
a.cudba...@freeradius.org wrote:
On 7 Mar 2013, at 10:55, Iftakhul Anwar an...@meruvian.org wrote:
Actually i install freeradius from apt-get ,
Right, so jradius won't have been built.
Actually, it should be available. That is, if you use Ubuntu Quantal,
or Debian Testing.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599067
http://changelogs.ubuntu.com/changelogs/pool/main/f/freeradius/freeradius_2.1.12+dfsg-1.1/changelog
If you use older version of the distro (e.g. Ubuntu precise) then you
either need to rebuild the source package, or learn how to install
packages from other distro/versions. Both are outside the scope of
this list, but should be easy to do with the help of Google search.
--
Fajar
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
--
*M.Iftakhul Anwar*
Meruvian Integrator
High Performance Computing / Cloud Computing (HPC/CC)
Office Phone : 021-93586577
Mobile Phone : 085215331477
Blog : http://blog.mervpolis.com/roller/anwar
FB : http://www.facebook.com/troya.adromeda
Website : www.meruvian.org
--
*M.Iftakhul Anwar*
Meruvian Integrator
High Performance Computing / Cloud Computing (HPC/CC)
Office Phone : 021-93586577
Mobile Phone : 085215331477
Blog : http://blog.mervpolis.com/roller/anwar
FB : http://www.facebook.com/troya.adromeda
Website : www.meruvian.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Failed to load module jradius freeradius server
Hi Fajar, What do you mean rebuilding source package ? i've recompile freeradius-server-2.1.1 from source code. But when i try to run, jradius still not found i try with some parameter in configure command = ./configure --with-experimental-modules=yes and i got error like above when i try to run my radius server On Fri, Mar 8, 2013 at 8:39 AM, Fajar A. Nugraha l...@fajar.net wrote: On Fri, Mar 8, 2013 at 12:30 PM, Iftakhul Anwar an...@meruvian.org wrote: I try to downgrade to freeradius-server-2.1.1 as following from http://coova.org/JRadius/FreeRADIUS But when i try to running radiusd on foregound i got error message like bellow : I'm running on ubuntu 12.04 machine. Any suggestion what should i do in order to jradius running on my radius server ? How about actually doing what was suggested? Really, rebuilding a source package is easy enough. Even installing a package from Quantal on Precise is known to work in most cases. Google is your friend. Unless, of course, you decide to completely ignore the suggestions and do your own thing. That's fine too, but don't go complaining if something goes wrong. -- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Failed to load module jradius freeradius server
What is the right syntax for compile using experimental module ?
I've try to ./configure --with-experimental-modules=yes then make and make
install.
But on i can't find jradius module in {installation folder}/modules
i've also try ./configure --with-experimental-modules=rlm_jradius, but
still same.I can't find jradius module after installation
Help me to solve this,please
Thanks
On Fri, Mar 8, 2013 at 9:00 AM, Iftakhul Anwar an...@meruvian.org wrote:
Hi Fajar,
What do you mean rebuilding source package ?
i've recompile freeradius-server-2.1.1 from source code.
But when i try to run, jradius still not found
i try with some parameter in configure command = ./configure
--with-experimental-modules=yes
and i got error like above when i try to run my radius server
On Fri, Mar 8, 2013 at 8:39 AM, Fajar A. Nugraha l...@fajar.net wrote:
On Fri, Mar 8, 2013 at 12:30 PM, Iftakhul Anwar an...@meruvian.org
wrote:
I try to downgrade to freeradius-server-2.1.1 as following from
http://coova.org/JRadius/FreeRADIUS
But when i try to running radiusd on foregound i got error message like
bellow :
I'm running on ubuntu 12.04 machine.
Any suggestion what should i do in order to jradius running on my
radius
server ?
How about actually doing what was suggested?
Really, rebuilding a source package is easy enough. Even installing a
package from Quantal on Precise is known to work in most cases. Google
is your friend.
Unless, of course, you decide to completely ignore the suggestions and
do your own thing. That's fine too, but don't go complaining if
something goes wrong.
--
Fajar
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
--
*M.Iftakhul Anwar*
Meruvian Integrator
High Performance Computing / Cloud Computing (HPC/CC)
Office Phone : 021-93586577
Mobile Phone : 085215331477
Blog : http://blog.mervpolis.com/roller/anwar
FB : http://www.facebook.com/troya.adromeda
Website : www.meruvian.org
--
*M.Iftakhul Anwar*
Meruvian Integrator
High Performance Computing / Cloud Computing (HPC/CC)
Office Phone : 021-93586577
Mobile Phone : 085215331477
Blog : http://blog.mervpolis.com/roller/anwar
FB : http://www.facebook.com/troya.adromeda
Website : www.meruvian.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Freeradius with either LDAP or Mysql Error lib not found
Hi All I just try to config freeradius using either Mysql or LDAP. But i get same error like bellow : [errror Mysq] Fri Mar 8 13:44:46 2013 : Error: Could not link driver rlm_sql_mysql: rlm_sql_mysql.so: cannot open shared object file: No such file or directory Fri Mar 8 13:44:46 2013 : Error: Make sure it (and all its dependent libraries!) are in the search path of your system's ld. Fri Mar 8 13:44:46 2013 : Error: /usr/local/etc/raddb/sql.conf[22]: Instantiation failed for module sql Fri Mar 8 13:44:46 2013 : Error: /usr/local/etc/raddb/sites-enabled/default[177]: Failed to find sql in the modules section. Fri Mar 8 13:44:46 2013 : Error: /usr/local/etc/raddb/sites-enabled/default[69]: Errors parsing authorize section. i've read in some article that it's solved by installed mysql-devel package. In this case i've installed libmysqlclient-dev on my ubuntu 12.04 But still get same error. It's also happen on my freeradius ldap? [error LDAP] /usr/local/etc/raddb/modules/ldap[29]: Failed to link to module 'rlm_ldap': rlm_ldap.so: cannot open shared object file: No such file or directory /usr/local/etc/raddb/sites-enabled/default[305]: Failed to find ldap in the modules section. /usr/local/etc/raddb/sites-enabled/default[305]: Failed to parse ldap How i can solve this issue ? Thanks -- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Failed to load module jradius freeradius server
HI All,
I just installed free radius server using apt-get on my ubuntu machine.
Now i want to configure jradius on my freeradius server.
I follow step by step from http://coova.org/JRadius/FreeRADIUS.
Firstly my freeradius server running well, whereas i've configure it with
mysql and coovachilli.
Then i configure with jradius, i inserted module on radius.conf file on
module section like bellow :
# configure the rlm_jradius module
jradius {
name = radius # The Requester name (a single
# JRadius server can have
# multiple applications)
primary = localhost # Uses default port 1814
secondary = 192.168.2.3 # Fail-over server
tertiary = 192.168.2.3:8002# Fail-over server on port 8002
timeout = 1 # Connect Timeout
onfail= NOOP # What to do if no JRadius
# Server is found. Options are:
# FAIL (default), OK, REJECT, NOOP
keepalive = yes # Keep connections to JRadius pooled
connections = 8 # Number of pooled JRadius
connections
}
Then i add some authorization on /etc/freeradius/site-avalaible/default
like bellow
authorize {
...
jradius
}
post-auth {
...
jradius
Post-Auth-Type REJECT {
jradius
}
}
preacct {
...
jradius
}
accounting {
...
jradius
}
Finally i try to running on foreground to know that my configuration has
been success, but i get error message like bellow :
Thu Mar 7 13:56:15 2013 : Debug: } # modules
Thu Mar 7 13:56:15 2013 : Debug: } # server
Thu Mar 7 13:56:15 2013 : Debug: server { # from file
/etc/freeradius/radiusd.conf
Thu Mar 7 13:56:15 2013 : Debug: modules {
Thu Mar 7 13:56:15 2013 : Debug: Module: Checking authenticate {...} for
more modules to load
Thu Mar 7 13:56:15 2013 : Debug: (Loaded rlm_digest, checking if it's
valid)
Thu Mar 7 13:56:15 2013 : Debug: Module: Linked to module rlm_digest
Thu Mar 7 13:56:15 2013 : Debug: Module: Instantiating module digest
from file /etc/freeradius/modules/digest
Thu Mar 7 13:56:15 2013 : Debug: Module: Checking authorize {...} for
more modules to load
Thu Mar 7 13:56:15 2013 : Debug: (Loaded rlm_preprocess, checking if
it's valid)
Thu Mar 7 13:56:15 2013 : Debug: Module: Linked to module rlm_preprocess
Thu Mar 7 13:56:15 2013 : Debug: Module: Instantiating module
preprocess from file /etc/freeradius/modules/preprocess
Thu Mar 7 13:56:15 2013 : Debug: preprocess {
Thu Mar 7 13:56:15 2013 : Debug: huntgroups = /etc/freeradius/huntgroups
Thu Mar 7 13:56:15 2013 : Debug: hints = /etc/freeradius/hints
Thu Mar 7 13:56:15 2013 : Debug: with_ascend_hack = no
Thu Mar 7 13:56:15 2013 : Debug: ascend_channels_per_line = 23
Thu Mar 7 13:56:15 2013 : Debug: with_ntdomain_hack = no
Thu Mar 7 13:56:15 2013 : Debug: with_specialix_jetstream_hack = no
Thu Mar 7 13:56:15 2013 : Debug: with_cisco_vsa_hack = no
Thu Mar 7 13:56:15 2013 : Debug: with_alvarion_vsa_hack = no
Thu Mar 7 13:56:15 2013 : Debug: }
Thu Mar 7 13:56:15 2013 : Error: /etc/freeradius/radiusd.conf[644]: Failed
to link to module 'rlm_jradius': file not found
Thu Mar 7 13:56:15 2013 : Error:
/etc/freeradius/sites-enabled/default[71]: Failed to load module jradius.
Thu Mar 7 13:56:15 2013 : Error:
/etc/freeradius/sites-enabled/default[62]: Errors parsing authorize
section.
What this error ?
How i can solve this issue ?
Thanks
--
*M.Iftakhul Anwar*
Meruvian Integrator
High Performance Computing / Cloud Computing (HPC/CC)
Office Phone : 021-93586577
Mobile Phone : 085215331477
Blog : http://blog.mervpolis.com/roller/anwar
FB : http://www.facebook.com/troya.adromeda
Website : www.meruvian.org
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
