freeradius not responding on machine specific IPs

Andy Billington billington.andy at googlemail.com
Fri Dec 12 19:27:35 CET 2008 

Check firewall ports - we had "fun" when FR was listening on the 18s
but our firewall guy did his config using the "traditional" 16s.  Also
have you got your FR client configured so FR server knows to process
requests from that source?


Hth
Andy

On 12/12/2008, kevin <rat at yia.ca> wrote:
> I was loathe to ask a newbie question, but it appears I have one.
>
> How does one configure freeradius to listen on all IPs specific to a
> machine?
>
> I have a remote Ubuntu 7.10 server (32bit) which I want to use for
> authentication via freeradius.  It (freeradius 1.1.6-2) installed all
> nice and is running properly in default config, or it would seem.  I
> cannot get a response when a remote authenticate is made.
>
> When I ssh into the server, it appropriately responds to the following:
>
>> root at server3:/home/kevin# radtest fred wilma 127.0.0.1 1812 mysecret
>> Sending Access-Request of id 1 to 127.0.0.1 port 1812
>> 	User-Name = "fred"
>> 	User-Password = "wilma"
>> 	NAS-IP-Address = 255.255.255.255
>> 	NAS-Port = 1812
>> Re-sending Access-Request of id 1 to 127.0.0.1 port 1812
>> 	User-Name = "fred"
>> 	User-Password = "wilma"
>> 	NAS-IP-Address = 255.255.255.255
>> 	NAS-Port = 1812
>> rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=1, length=20
>> rad_verify: Received Access-Reject packet from client 127.0.0.1 port 1812
>> with invalid signature (err=2)!  (Shared secret is incorrect.)
>
> When I try radtest on the network IP, it fails, as per:
>
>> root at server3:/home/kevin# radtest fred wilma 192.168.3.199 1812 mysecret
>> Sending Access-Request of id 5 to 192.168.3.199 port 1812
>> 	User-Name = "fred"
>> 	User-Password = "wilma"
>> 	NAS-IP-Address = 255.255.255.255
>> 	NAS-Port = 1812
>> Re-sending Access-Request of id 5 to 192.168.3.199 port 1812
>> 	User-Name = "fred"
>> 	User-Password = "wilma"
>> 	NAS-IP-Address = 255.255.255.255
>> 	NAS-Port = 1812
>
> etc...
>
> I have tried setting the listen in Radiusd.conf to be the network IP of the
> machine
> (x.x.3.199), but that gave the same results.
>
> Any thoughts on what this n00b is doing wrong?
>
> Thanks,
>
> Kevin
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>

-- 
Sent from my mobile device

More information about the Freeradius-Users mailing list