2.0.0 documentation for radiusd.conf.

Arran Cudbard-Bell A.Cudbard-Bell at sussex.ac.uk
Thu Jun 14 16:47:20 CEST 2007


> 
> rad_recv: Access-Request packet from host 139.184.6.42 port 1141, id=42, 
> length=151
>          User-Name = "ac221"
>          NAS-IP-Address = 127.0.0.1
>          NAS-Port = 1
>          Called-Station-Id = "00-14-C2-B6-7D-32:eduroam"
>          Calling-Station-Id = "00-19-E3-0C-CD-58"
>          Framed-MTU = 1400
>          NAS-Port-Type = Wireless-802.11
>          Connect-Info = "CONNECT 54Mbps 802.11g"
>          EAP-Message = 0x0200000a016163323231
>          Message-Authenticator = 0xae11e154e1819b9fde40d27a0147ad04
>    Processing the authorize section of radiusd.conf
> +- entering group authorize
> ++? if ("%{NAS-IP-Address}" == "127.0.0.1")
>          expand: %{NAS-IP-Address} -> 127.0.0.1
> ? Evaluating ("%{NAS-IP-Address}" == "127.0.0.1") -> TRUE
> ++? if ("%{NAS-IP-Address}" == "127.0.0.1") -> TRUE
> ++- entering if ("%{NAS-IP-Address}" == "127.0.0.1")
>          expand: %{Packet-Src-IP-Address} -> 139.184.6.42
> Bus error
> 
> *narrowed*
> 
> authorize {
> # Some devices send their loopback address as Nas IP Address, overwrite 
> this with packet source.
> if("%{NAS-IP-Address}" == "127.0.0.1"){
>      update request {
>          NAS-IP-Address := "%{Packet-Src-IP-Address}"
>      }
> }
> }
>>

Heh, located the issue with the access point...

If you tell it to fail over to it's internal RADIUS server after trying 
the primary and secondary, it'll send 127.0.0.1 to the primary and 
secondary too ... fun.

My faith has wained quite a bit in the quality of HP products since 
starting this project *sigh*.

-- 
Arran Cudbard-Bell (A.Cudbard-Bell at sussex.ac.uk)
Authentication, Authorisation and Accounting Officer
Infrastructure Services | ENG1 E1-1-08
University Of Sussex, Brighton
EXT:01273 873900 | INT: 3900



More information about the Freeradius-Users mailing list