ignoring request from unknown client 127.0.0.1, although it is correctly defined in SQL and loaded on startup

Radim ROŠKA Radim.ROSKA at huatech.cz
Fri May 11 15:59:42 CEST 2018


Hi Alan,



I have uninstalled freeradius package and installed new one created following your guide :

https://wiki.freeradius.org/building/Debian-and-Ubuntu



Unfortunately it still behaves the same way ☹



$ freeradius -v

radiusd: FreeRADIUS Version 3.0.18, for host x86_64-pc-linux-gnu

FreeRADIUS Version 3.0.18


rlm_sql (sql): Processing generate_sql_clients
rlm_sql (sql) in generate_sql_clients: query is SELECT id, nasname, shortname, type, secret, server FROM nas
rlm_sql (sql): Reserved connection (0)
rlm_sql (sql): Executing select query: SELECT id, nasname, shortname, type, secret, server FROM nas
rlm_sql (sql): Adding client 127.0.0.1 (test123) to default clients list
rlm_sql (127.0.0.1): Client "test123" (sql) added
rlm_sql (sql): Adding client 10.0.0.16 (test1234) to default clients list
rlm_sql (10.0.0.16): Client "test1234" (sql) added
rlm_sql (sql): Released connection (0)


mysql> select * from nas;
+----+-----------+-----------+-------+-------+-----------+---------+-----------+---------------+---------+
| id | nasname   | shortname | type  | ports | secret    | server  | community | description   | version |
+----+-----------+-----------+-------+-------+-----------+---------+-----------+---------------+---------+
|  1 | 127.0.0.1 | test123   | other |  NULL | test      | default | NULL      | RADIUS Client |    NULL |
|  2 | 10.0.0.16 | test1234  | other |  NULL | radius-pw | default | NULL      | RADIUS Client |    NULL |
+----+-----------+-----------+-------+-------+-----------+---------+-----------+---------------+---------+
2 rows in set (0.00 sec)






radmin> show client list
127.0.0.1
10.0.0.16


portal at portal:~$ radtest test test 127.0.0.1 123 test
Sent Access-Request Id 75 from 0.0.0.0:41031 to 127.0.0.1:1812 length 74
        User-Name = "test"
        User-Password = "test"
        NAS-IP-Address = 10.0.1.16
        NAS-Port = 123
        Message-Authenticator = 0x00
        Cleartext-Password = "test"



Tested from localhost & from the device…

Ready to process requests
Ignoring request to auth address * port 1812 bound to server default from unknown client 127.0.0.1 port 33640 proto udp
Ready to process requests
Ignoring request to auth address * port 1812 bound to server default from unknown client 10.0.0.16 port 62470 proto udp








radmin> show module status sql
alive
radmin> show module config sql
sql {
        driver = "rlm_sql_mysql"
        server = "localhost"
        port = 3306
        login = "radius"
        password = "xxxxx"
        radius_db = "radius"
        read_groups = yes
        read_profiles = yes
        readclients = yes
        read_clients = yes
        deletestalesessions = yes
        delete_stale_sessions = yes
        sql_user_name = "%{User-Name}"
        logfile =
        default_user_profile = ""
        nas_query = "SELECT id, nasname, shortname, type, secret, server FROM nas"
        client_query = "SELECT id, nasname, shortname, type, secret, server FROM nas"
        open_query =
        authorize_check_query = "SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id"
        authorize_reply_query = "SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id"
        authorize_group_check_query = "SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{SQL-Group}' ORDER BY id"
        authorize_group_reply_query = "SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '%{SQL-Group}' ORDER BY id"
        group_membership_query = "SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority"
        simul_count_query = "SELECT COUNT(*) FROM radacct WHERE username = '%{SQL-User-Name}' AND acctstoptime IS NULL"
        simul_verify_query = "SELECT radacctid, acctsessionid, username, nasipaddress, nasportid, framedipaddress, callingstationid, framedprotocol FROM radacct
WHERE username = '%{SQL-User-Name}' AND acctstoptime IS NULL"
        safe-characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
        safe_characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
        query_timeout = 0
        accounting = ?
        post-auth = ?
}
radmin>



-----Original Message-----
From: Freeradius-Users <freeradius-users-bounces+radim.roska=huatech.cz at lists.freeradius.org> On Behalf Of Alan DeKok
Sent: Friday, May 11, 2018 2:10 PM
To: FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Subject: Re: ignoring request from unknown client 127.0.0.1, although it is correctly defined in SQL and loaded on startup



On May 11, 2018, at 8:01 AM, Radim ROŠKA <Radim.ROSKA at huatech.cz<mailto:Radim.ROSKA at huatech.cz>> wrote:

> My goal is to use SQL as backend for FREERADIUS. That includes definition of NAS. I'm fighting with it for several hours. All was working ok with using clients.conf configuration file. I believe I have read all posts in the forums slightly related to this...yet not sure why its still not working. I need to have more detailed debugging that would show, based on what RADIUS decides that those clients are unknown, even though its actually correctly added during startup (as it seems). Virtual server is configured correctly also I would say...



  Hmm... try 3.0.17.  I think that's been fixed.



  Alan DeKok.





-

List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


More information about the Freeradius-Users mailing list