Freeradius 3 status server

Adam Bishop Adam.Bishop at jisc.ac.uk
Sat Dec 8 22:23:43 CET 2018


On 8 Dec 2018, at 21:05, Tim Cheyne <Tim.Cheyne at spark.co.nz> wrote:
> They come in on UDP port 1645.  Looking into status it would seem that you can't receive status requests from an upstream radius proxy on the same port (1645) that you process auth requests.  You would have to configure 18121 to be allowed thru the interconnecting firewalls etc and at both ends.

That's not correct. The status virtual server is used when you want a dedicated handler for status-server requests. Any virtual server can handle them on any port if you allow it.

The global setting is here:
  https://github.com/FreeRADIUS/freeradius-server/blob/v3.0.x/raddb/radiusd.conf.in#L494-L511

> Dropping packet without response because of error: Received packet from 10.241.69.183 with invalid Message-Authenticator!  (Shared secret is incorrect.)

Your shared secret isn't what you think it is.

> /etc/raddb/sites-available/status

Please don't send us default config files - we know what they contain.

If you think something is not working, please send a full debug to the list showing the failure.

Adam Bishop

  gpg: E75B 1F92 6407 DFDF 9F1C  BF10 C993 2504 6609 D460

jisc.ac.uk

Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under Company No. 5747339, VAT No. GB 197 0632 86. Jisc’s registered office is: One Castlepark, Tower Hill, Bristol, BS2 0JA. T 0203 697 5800.

Jisc Services Limited is a wholly owned Jisc subsidiary and a company limited by guarantee which is registered in England under company number 2881024, VAT number GB 197 0632 86. The registered office is: One Castle Park, Tower Hill, Bristol BS2 0JA. T 0203 697 5800.  




More information about the Freeradius-Users mailing list