Re: FreeRadius questions
On 2012/02/28 07:06 PM, James DeLuca wrote: Module: Checking post-auth {...} for more modules to load } radiusd: Opening IP addresses and Ports listen { type = auth ipaddr = 10.0.8.9 You've configures your server to NOT listen on localhost. Sending to localhost will therefore not work. -- Johan Meiring Cape PC Services CC Tel: (021) 883-8271 Fax: (021) 886-7782 Before acting on this email or opening any attachments you should read Cape PC Service's email disclaimer at: http://www.pcservices.co.za/disclaimer.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
FreeRadius questions
Hope you can help us out. First time dealing with RADIUS servers. Following your instructions. Seem to have missed something along the way. We are running FreeRadius(Version 2.1.1) on a SLES version 11 server. The serve has a static IP address. We have tried both of the following setting in our client.conf file(/etc/raddb/clients.conf). Neither have produced good results. client localhost { ipadddr = 127.0.0.1 require_message_authenticator = no secret = x nastype = other } client localhost { ipadddr = 10.0.xxx.xxx require_message_authenticator = no secret = x nastype = other } We entered a user in our user(/etc/raddb/users) file bob Cleartext-Password := hello Started two terminal sessions. In the first session we ran /usr/sbin/radiusd -X And received these results FreeRADIUS Version 2.1.1, for host i686-suse-linux-gnu, built on Feb 23 2009 at 21:34:25 Copyright (C) 1999-2008 The FreeRADIUS server project and contributors. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. You may redistribute copies of FreeRADIUS under the terms of the GNU General Public License v2. Starting - reading configuration files ... including configuration file /etc/raddb/radiusd.conf including configuration file /etc/raddb/proxy.conf including configuration file /etc/raddb/clients.conf including files in directory /etc/raddb/modules/ including configuration file /etc/raddb/modules/detail including configuration file /etc/raddb/modules/preprocess including configuration file /etc/raddb/modules/ippool including configuration file /etc/raddb/modules/inner-eap including configuration file /etc/raddb/modules/checkval including configuration file /etc/raddb/modules/ldap including configuration file /etc/raddb/modules/sradutmp including configuration file /etc/raddb/modules/attr_filter including configuration file /etc/raddb/modules/policy including configuration file /etc/raddb/modules/always including configuration file /etc/raddb/modules/etc_group including configuration file /etc/raddb/modules/logintime including configuration file /etc/raddb/modules/passwd including configuration file /etc/raddb/modules/realm including configuration file /etc/raddb/modules/krb5 including configuration file /etc/raddb/modules/echo including configuration file /etc/raddb/modules/expiration including configuration file /etc/raddb/modules/expr including configuration file /etc/raddb/modules/detail.example.com including configuration file /etc/raddb/modules/pam including configuration file /etc/raddb/modules/files including configuration file /etc/raddb/modules/smbpasswd including configuration file /etc/raddb/modules/attr_rewrite including configuration file /etc/raddb/modules/linelog including configuration file /etc/raddb/modules/detail.log including configuration file /etc/raddb/modules/unix including configuration file /etc/raddb/modules/exec including configuration file /etc/raddb/modules/radutmp including configuration file /etc/raddb/modules/acct_unique including configuration file /etc/raddb/modules/digest including configuration file /etc/raddb/modules/chap including configuration file /etc/raddb/modules/sql_log including configuration file /etc/raddb/modules/mschap including configuration file /etc/raddb/modules/counter including configuration file /etc/raddb/modules/pap including configuration file /etc/raddb/modules/mac2vlan including configuration file /etc/raddb/modules/mac2ip including configuration file /etc/raddb/modules/wimax including configuration file /etc/raddb/eap.conf including configuration file /etc/raddb/sql.conf including configuration file /etc/raddb/sql/mysql/dialup.conf including configuration file /etc/raddb/sql/mysql/counter.conf including configuration file /etc/raddb/policy.conf including files in directory /etc/raddb/sites-enabled/ including configuration file /etc/raddb/sites-enabled/default including configuration file /etc/raddb/sites-enabled/inner-tunnel group = radiusd user = radiusd including dictionary file /etc/raddb/dictionary main { prefix = /usr localstatedir = /var logdir = /var/log/radius libdir = /usr/lib/freeradius radacctdir = /var/log/radius/radacct hostname_lookups = no max_request_time = 30 cleanup_delay = 5 max_requests = 1024 allow_core_dumps = no pidfile = /var/run/radiusd/radiusd.pid checkrad = /usr/sbin/checkrad debug_level = 0 proxy_requests = yes log { stripped_names = no auth = no auth_badpass = no auth_goodpass = no } security { max_attributes = 200 reject_delay = 1 status_server = yes } } client localhost { ipaddr = 10.0.8.9 require_message_authenticator = no secret = testing123 nastype = other } radiusd:
Re: FreeRadius questions
hi, you have configured your server to listen for authentications on IP 10.0.8.9 ..but then you try sending a request to 127.0.0.1 (localhost) of course it isnt going to work. either configure the server to listen on all interfaces (*) as a default install would, or use 10.0.8.9 as the destination address with radtest alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: FreeRadius questions
Firewall is turned off on the server at this time. From: freeradius-users-bounces+jdeluca=wiu.k12.pa...@lists.freeradius.org [mailto:freeradius-users-bounces+jdeluca=wiu.k12.pa...@lists.freeradius.org] On Behalf Of hashim zayed Sent: Tuesday, February 28, 2012 2:16 PM To: FreeRadius users mailing list Subject: Re: FreeRadius questions Please make sure that port 1812/1813 are enabled on your server firewall. Hashim Mohammed Zayed Moeen IT On 2012 2 28 17:10, James DeLuca jdel...@wiu.k12.pa.usmailto:jdel...@wiu.k12.pa.us wrote: Hope you can help us out. First time dealing with RADIUS servers. Following your instructions. Seem to have missed something along the way. We are running FreeRadius(Version 2.1.1) on a SLES version 11 server. The serve has a static IP address. We have tried both of the following setting in our client.conf file(/etc/raddb/clients.conf). Neither have produced good results. client localhost { ipadddr = 127.0.0.1 require_message_authenticator = no secret = x nastype = other } client localhost { ipadddr = 10.0.xxx.xxx require_message_authenticator = no secret = x nastype = other } We entered a user in our user(/etc/raddb/users) file bob Cleartext-Password := hello Started two terminal sessions. In the first session we ran /usr/sbin/radiusd -X And received these results FreeRADIUS Version 2.1.1, for host i686-suse-linux-gnu, built on Feb 23 2009 at 21:34:25 Copyright (C) 1999-2008 The FreeRADIUS server project and contributors. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. You may redistribute copies of FreeRADIUS under the terms of the GNU General Public License v2. Starting - reading configuration files ... including configuration file /etc/raddb/radiusd.conf including configuration file /etc/raddb/proxy.conf including configuration file /etc/raddb/clients.conf including files in directory /etc/raddb/modules/ including configuration file /etc/raddb/modules/detail including configuration file /etc/raddb/modules/preprocess including configuration file /etc/raddb/modules/ippool including configuration file /etc/raddb/modules/inner-eap including configuration file /etc/raddb/modules/checkval including configuration file /etc/raddb/modules/ldap including configuration file /etc/raddb/modules/sradutmp including configuration file /etc/raddb/modules/attr_filter including configuration file /etc/raddb/modules/policy including configuration file /etc/raddb/modules/always including configuration file /etc/raddb/modules/etc_group including configuration file /etc/raddb/modules/logintime including configuration file /etc/raddb/modules/passwd including configuration file /etc/raddb/modules/realm including configuration file /etc/raddb/modules/krb5 including configuration file /etc/raddb/modules/echo including configuration file /etc/raddb/modules/expiration including configuration file /etc/raddb/modules/expr including configuration file /etc/raddb/modules/detail.example.comhttp://detail.example.com including configuration file /etc/raddb/modules/pam including configuration file /etc/raddb/modules/files including configuration file /etc/raddb/modules/smbpasswd including configuration file /etc/raddb/modules/attr_rewrite including configuration file /etc/raddb/modules/linelog including configuration file /etc/raddb/modules/detail.log including configuration file /etc/raddb/modules/unix including configuration file /etc/raddb/modules/exec including configuration file /etc/raddb/modules/radutmp including configuration file /etc/raddb/modules/acct_unique including configuration file /etc/raddb/modules/digest including configuration file /etc/raddb/modules/chap including configuration file /etc/raddb/modules/sql_log including configuration file /etc/raddb/modules/mschap including configuration file /etc/raddb/modules/counter including configuration file /etc/raddb/modules/pap including configuration file /etc/raddb/modules/mac2vlan including configuration file /etc/raddb/modules/mac2ip including configuration file /etc/raddb/modules/wimax including configuration file /etc/raddb/eap.conf including configuration file /etc/raddb/sql.conf including configuration file /etc/raddb/sql/mysql/dialup.conf including configuration file /etc/raddb/sql/mysql/counter.conf including configuration file /etc/raddb/policy.conf including files in directory /etc/raddb/sites-enabled/ including configuration file /etc/raddb/sites-enabled/default including configuration file /etc/raddb/sites-enabled/inner-tunnel group = radiusd user = radiusd including dictionary file /etc/raddb/dictionary main { prefix = /usr localstatedir = /var logdir = /var/log/radius libdir = /usr/lib/freeradius radacctdir = /var/log/radius/radacct hostname_lookups = no max_request_time = 30
RE: FreeRadius questions
Changed the radtest to radtest bob hello 10.0.8.9 0 testing123 Now in the terminal windows where we ran radiusd -X we get the following error Ignoring request to authentication address 10.0.8.9 port 1812 from unknown client 10.0.8.9 port 56524 The terminal session we ran the radtest bob hello 10.0.8.9 0 testing123 still has the no response message. From: freeradius-users-bounces+jdeluca=wiu.k12.pa...@lists.freeradius.org [freeradius-users-bounces+jdeluca=wiu.k12.pa...@lists.freeradius.org] on behalf of Alan Buxey [a.l.m.bu...@lboro.ac.uk] Sent: Tuesday, February 28, 2012 2:50 PM To: FreeRadius users mailing list Subject: Re: FreeRadius questions hi, you have configured your server to listen for authentications on IP 10.0.8.9 ..but then you try sending a request to 127.0.0.1 (localhost) of course it isnt going to work. either configure the server to listen on all interfaces (*) as a default install would, or use 10.0.8.9 as the destination address with radtest alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: FreeRadius questions
James DeLuca wrote: Changed the radtest to radtest bob hello 10.0.8.9 0 testing123 Now in the terminal windows where we ran radiusd -X we get the following error Ignoring request to authentication address 10.0.8.9 port 1812 from unknown client 10.0.8.9 port 56524 So... what do you think you should do? Read the previous message as a hint. The terminal session we ran the radtest bob hello 10.0.8.9 0 testing123 still has the no response message. We assume a certain basic understanding of IP networking. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: FreeRadius questions
Hi, radtest bob hello 10.0.8.9 0 testing123 Now in the terminal windows where we ran radiusd -X we get the following error Ignoring request to authentication address 10.0.8.9 port 1812 from unknown client 10.0.8.9 port 56524 is 10.0.8.9 listed in clients.conf ? you will see no response in the radtest window as, as the server says, the request is being ignored... you'll just get a time out alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html