radius is not listening

Elizabeth Steinke liz at twistedpair.cc
Mon Oct 20 04:50:13 CEST 2008


Greetings!
I have a suggestion ,If you want to see if the packets are getting to the
host try running

tcp -X udp

also
tcpdump -X host <hostname>


then try a request and see if the packets show up.


On Sun, Oct 19, 2008 at 7:38 PM, saman saman <ssaman at hotmail.com> wrote:

>
> HI Alan,
> what If radtest localhost also doesn't work either?
> here the iptables output
> #iptables -L -n
> Chain INPUT (policy DROP)
> target     prot opt source               destination
> ACCEPT     all  --  127.0.0.1            0.0.0.0/0
> ACCEPT     all  --  192.168.1.2          0.0.0.0/0
> ACCEPT     all  --  192.168.0.10         0.0.0.0/0
> ACCEPT     all  --  192.168.0.0/24       0.0.0.0/0
> ACCEPT     all  --  0.0.0.0/0            192.168.1.0/24
> ACCEPT     all  --  .0.0.0/0            192.168.1.2         state
> RELATED,ESTABLISHED
> svr1       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:21
> svr1       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:22
> srv1       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:80
> srv1       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:80
> svr1       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:110
> svr1       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:113
> ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:1812
> ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:1813
> ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:1814
> ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:53
> ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:110
> ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:2074
> ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:4000
> ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 8
> ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 11
> ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 80
>
> Chain FORWARD (policy DROP)
> target     prot opt source               destination
> ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
> ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
> ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state
> RELATED,ESTABLISHED
>
> Chain OUTPUT (policy DROP)
> target     prot opt source               destination
> ACCEPT     all  --  127.0.0.1            0.0.0.0/0
> ACCEPT     all  --  192.168.0.10         0.0.0.0/0
> ACCEPT     all  --  192.168.1.2          0.0.0.0/0
> ACCEPT     all  --  192.168.1.206        0.0.0.0/0
>
> Chain mars (6 references)
> target     prot opt source               destination
> ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp
> flags:0x16/0x02
> ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state
> RELATED,ESTABLISHED
> DROP       tcp  --  0.0.0.0/0            0.0.0.0/0
>
> #radtest John hello localhost 0 testing
>        User-Name = "John"
>        User-Password = "hello"
>        NAS-IP-Address = 192.168.1.2
>        NAS-Port = 0
>        User-Name = "John"
>        User-Password = "hello"
>        NAS-IP-Address = 192.168.1.2
>        NAS-Port = 0
>        User-Name = "John"
>        User-Password = "hello"
>        NAS-IP-Address = 192.168.1.2
>        NAS-Port = 0
>        User-Name = "John"
>        User-Password = "hello"
>        NAS-IP-Address = 192.168.1.2
>        NAS-Port = 0
>        User-Name = "John"
>        User-Password = "hello"
>        NAS-IP-Address = 192.168.1.2
>        NAS-Port = 0
>        User-Name = "John"
>        User-Password = "hello"
>        NAS-IP-Address = 192.168.1.2
>        NAS-Port = 0
>
> The above iptables output shows the udp 1812, 1813 & 1814 are all accepted.
>
> > > Hi I am a newbie and recently would like to try to experience
> freeradius-server-2.0.4 but unfortunately I have problems can't solved.
> > > The freeradius is running ok but when attempt to authenticate the
> server is just not responding to clients request.
> > ...
> > > #radiusd -X
> > ...
> > > Ready to process requests.
> >
> >   The point of debug mode is to show it processing packets.
> >
> >   If you've sent it packets and it doesn't receive them, fix the
> > firewall on your OS to allow RADIUS packets.
> >
> >   Alan DeKok.
> > -
> > List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
> _________________________________________________________________
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20081019/9b740d49/attachment.html>


More information about the Freeradius-Users mailing list