RE: Configuration issue - unknown client
-Original Message- From: [EMAIL PROTECTED] org [mailto:[EMAIL PROTECTED] eradius.org] On Behalf Of Dan O'Reilly Sent: August 13, 2007 6:58 PM To: FreeRadius users mailing list Cc: FreeRadius users mailing list Subject: Re: Configuration issue - unknown client My /etc/raddb/clients.conf: client 192.168.0.11 { secret = foobar } Here's the output from radiusd -X: danolaptop freeradius-1.1.7 # /usr/local/sbin/radiusd -X Starting - reading configuration files ... reread_config: reading radiusd.conf Config: including file: /usr/local/etc/raddb/proxy.conf Config: including file: /usr/local/etc/raddb/clients.conf Config: including file: /usr/local/etc/raddb/snmp.conf Config: including file: /usr/local/etc/raddb/eap.conf Config: including file: /usr/local/etc/raddb/sql.conf Have you tried moving your config files to /usr/local/etc/raddb/ as that is where freeradius is looking for them, not in /etc/raddb/* Jeff. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Configuration issue - unknown client
D'OH! massive forehead slap You're right, I apparently have a reading disability of some sort. That made it work, thanks! At 06:39 AM 8/14/2007, Jeff Crowe wrote: -Original Message- From: [EMAIL PROTECTED] org [mailto:[EMAIL PROTECTED] eradius.org] On Behalf Of Dan O'Reilly Sent: August 13, 2007 6:58 PM To: FreeRadius users mailing list Cc: FreeRadius users mailing list Subject: Re: Configuration issue - unknown client My /etc/raddb/clients.conf: client 192.168.0.11 { secret = foobar } Here's the output from radiusd -X: danolaptop freeradius-1.1.7 # /usr/local/sbin/radiusd -X Starting - reading configuration files ... reread_config: reading radiusd.conf Config: including file: /usr/local/etc/raddb/proxy.conf Config: including file: /usr/local/etc/raddb/clients.conf Config: including file: /usr/local/etc/raddb/snmp.conf Config: including file: /usr/local/etc/raddb/eap.conf Config: including file: /usr/local/etc/raddb/sql.conf Have you tried moving your config files to /usr/local/etc/raddb/ as that is where freeradius is looking for them, not in /etc/raddb/* Jeff. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- +---++ | Dan O'Reilly | There are 10 types of people in this | | Principal Engineer| world: those who understand binary | | Process Software | and those who don't.| | http://www.process.com|| +---++ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Configuration issue - unknown client
On 8/13/07, Dan O'Reilly [EMAIL PROTECTED] wrote: This is my first stab at Freeradius. I have the server installed on Sabayon Linux, and the radtest script runs fine. I've done basically no configuration to it, because I'm not sure what to configure. I'm writing a client on another system (it's VMS if that's germane). I format send a request packet to the server system, and get (running radiusd -X): rad_recv: Access-Request packet from host 192.168.0.11:1812, id=67, length=47 Ignoring request from unknown client 192.168.0.11:1812 You need to add new clients to clients.conf. FreeRADIUS will only talk to clients in this file. -- Nicholas Hall [EMAIL PROTECTED] 262.208.6271 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Configuration issue - unknown client
Same issue. Here's my /etc/raddb/clients.conf: client 192.168.0.11 secret foobar At 04:15 PM 8/13/2007, Nicholas Hall wrote: On 8/13/07, Dan O'Reilly mailto:[EMAIL PROTECTED][EMAIL PROTECTED] wrote: This is my first stab at Freeradius. I have the server installed on Sabayon Linux, and the radtest script runs fine. I've done basically no configuration to it, because I'm not sure what to configure. I'm writing a client on another system (it's VMS if that's germane). I format send a request packet to the server system, and get (running radiusd -X): rad_recv: Access-Request packet from host http://192.168.0.11:1812192.168.0.11:1812, id=67, length=47 Ignoring request from unknown client http://192.168.0.11:1812192.168.0.11:1812 You need to add new clients to clients.conf. FreeRADIUS will only talk to clients in this file. -- Nicholas Hall mailto:[EMAIL PROTECTED][EMAIL PROTECTED] 262.208.6271 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- +---++ | Dan O'Reilly | There are 10 types of people in this | | Principal Engineer| world: those who understand binary | | Process Software | and those who don't.| | http://www.process.com|| +---++ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Configuration issue - unknown client
On 8/13/07, Dan O'Reilly [EMAIL PROTECTED] wrote: Same issue. Here's my /etc/raddb/clients.conf: client 192.168.0.11 secret foobar Shouldn't that be: client 192.168.0.11 { secret = foobar } -- Nicholas Hall [EMAIL PROTECTED] 262.208.6271 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Configuration issue - unknown client
I had it that way and it didn't work either. At 04:27 PM 8/13/2007, Nicholas Hall wrote: On 8/13/07, Dan O'Reilly mailto:[EMAIL PROTECTED][EMAIL PROTECTED] wrote: Same issue. Here's my /etc/raddb/clients.conf: client http://192.168.0.11192.168.0.11 secret foobar Shouldn't that be: client http://192.168.0.11192.168.0.11 { secret = foobar } -- Nicholas Hall mailto:[EMAIL PROTECTED][EMAIL PROTECTED] 262.208.6271 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- +---++ | Dan O'Reilly | There are 10 types of people in this | | Principal Engineer| world: those who understand binary | | Process Software | and those who don't.| | http://www.process.com|| +---++ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Configuration issue - unknown client
On 8/13/07, Dan O'Reilly [EMAIL PROTECTED] wrote: I had it that way and it didn't work either. At 04:27 PM 8/13/2007, Nicholas Hall wrote: On 8/13/07, Dan O'Reilly mailto:[EMAIL PROTECTED][EMAIL PROTECTED] wrote: Same issue. Here's my /etc/raddb/clients.conf: client http://192.168.0.11192.168.0.11 secret foobar Shouldn't that be: client http://192.168.0.11192.168.0.11 { secret = foobar } Dan, please follow the examples in clients.conf and then post your complete radius debug output (radiusd -X) -- Nicholas Hall [EMAIL PROTECTED] 262.208.6271 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Configuration issue - unknown client
My /etc/raddb/clients.conf: client 192.168.0.11 { secret = foobar } Here's the output from radiusd -X: danolaptop freeradius-1.1.7 # /usr/local/sbin/radiusd -X Starting - reading configuration files ... reread_config: reading radiusd.conf Config: including file: /usr/local/etc/raddb/proxy.conf Config: including file: /usr/local/etc/raddb/clients.conf Config: including file: /usr/local/etc/raddb/snmp.conf Config: including file: /usr/local/etc/raddb/eap.conf Config: including file: /usr/local/etc/raddb/sql.conf main: prefix = /usr/local main: localstatedir = /usr/local/var main: logdir = /usr/local/var/log/radius main: libdir = /usr/local/lib main: radacctdir = /usr/local/var/log/radius/radacct main: hostname_lookups = no main: snmp = no main: max_request_time = 30 main: cleanup_delay = 5 main: max_requests = 1024 main: delete_blocked_requests = 0 main: port = 0 main: allow_core_dumps = no main: log_stripped_names = no main: log_file = /usr/local/var/log/radius/radius.log main: log_auth = no main: log_auth_badpass = no main: log_auth_goodpass = no main: pidfile = /usr/local/var/run/radiusd/radiusd.pid main: user = (null) main: group = (null) main: usercollide = no main: lower_user = no main: lower_pass = no main: nospace_user = no main: nospace_pass = no main: checkrad = /usr/local/sbin/checkrad main: proxy_requests = yes proxy: retry_delay = 5 proxy: retry_count = 3 proxy: synchronous = no proxy: default_fallback = yes proxy: dead_time = 120 proxy: post_proxy_authorize = no proxy: wake_all_if_all_dead = no security: max_attributes = 200 security: reject_delay = 1 security: status_server = no main: debug_level = 0 read_config_files: reading dictionary read_config_files: reading naslist Using deprecated naslist file. Support for this will go away soon. read_config_files: reading clients read_config_files: reading realms radiusd: entering modules setup Module: Library search path is /usr/local/lib Module: Loaded exec exec: wait = yes exec: program = (null) exec: input_pairs = request exec: output_pairs = (null) exec: packet_type = (null) rlm_exec: Wait=yes but no output defined. Did you mean output=none? Module: Instantiated exec (exec) Module: Loaded expr Module: Instantiated expr (expr) Module: Loaded PAP pap: encryption_scheme = crypt pap: auto_header = yes Module: Instantiated pap (pap) Module: Loaded CHAP Module: Instantiated chap (chap) Module: Loaded MS-CHAP mschap: use_mppe = yes mschap: require_encryption = no mschap: require_strong = no mschap: with_ntdomain_hack = no mschap: passwd = (null) mschap: ntlm_auth = (null) Module: Instantiated mschap (mschap) Module: Loaded System unix: cache = no unix: passwd = (null) unix: shadow = (null) unix: group = (null) unix: radwtmp = /usr/local/var/log/radius/radwtmp unix: usegroup = no unix: cache_reload = 600 Module: Instantiated unix (unix) Module: Loaded eap eap: default_eap_type = md5 eap: timer_expire = 60 eap: ignore_unknown_eap_types = no eap: cisco_accounting_username_bug = no rlm_eap: Loaded and initialized type md5 rlm_eap: Loaded and initialized type leap gtc: challenge = Password: gtc: auth_type = PAP rlm_eap: Loaded and initialized type gtc mschapv2: with_ntdomain_hack = no rlm_eap: Loaded and initialized type mschapv2 Module: Instantiated eap (eap) Module: Loaded preprocess preprocess: huntgroups = /usr/local/etc/raddb/huntgroups preprocess: hints = /usr/local/etc/raddb/hints preprocess: with_ascend_hack = no preprocess: ascend_channels_per_line = 23 preprocess: with_ntdomain_hack = no preprocess: with_specialix_jetstream_hack = no preprocess: with_cisco_vsa_hack = no preprocess: with_alvarion_vsa_hack = no Module: Instantiated preprocess (preprocess) Module: Loaded realm realm: format = suffix realm: delimiter = @ realm: ignore_default = no realm: ignore_null = no Module: Instantiated realm (suffix) Module: Loaded files files: usersfile = /usr/local/etc/raddb/users files: acctusersfile = /usr/local/etc/raddb/acct_users files: preproxy_usersfile = /usr/local/etc/raddb/preproxy_users files: compat = no Module: Instantiated files (files) Module: Loaded Acct-Unique-Session-Id acct_unique: key = User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port Module: Instantiated acct_unique (acct_unique) Module: Loaded detail detail: detailfile = /usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d detail: detailperm = 384 detail: dirperm = 493 detail: locking = no Module: Instantiated detail (detail) Module: Loaded radutmp radutmp: filename = /usr/local/var/log/radius/radutmp radutmp: username = %{User-Name} radutmp: case_sensitive = yes radutmp: check_with_nas = yes radutmp: perm = 384 radutmp: callerid = yes Module: Instantiated radutmp (radutmp) Listening on authentication *:1812 Listening on accounting *:1813