dynamic_clients // Required attribute "FreeRADIUS-Client-Secret" is missing
Osvaldo T Crispim Filho
osvaldotcf at gmail.com
Thu Sep 27 15:46:21 CEST 2018
Why is not he finding the "secret"?
==============================
Freeradius 3.0.18
Debian 9 amd64
==============================
Table nas:
id | nasname | shortname | type | ports | secret | server | community
----+-------------+-----------+-------+-------+--------+--------+-----------
1 | 172.20.0.20 | ap-20 | other | | 123123 | |
2 | 172.20.0.21 | ap-21 | other | | 123123 | |
(2 rows)
=========================
fradius1:~$ psql -h localhost -d radius -U radius -W -c "select secret from
nas where nasname = '172.20.0.21';"
Password for user radius:
secret
--------
123123
(1 row)
==========================
freeradius -X:
Ready to process requests
(0) server dynamic_clients {
(0) # Executing section authorize from file
/etc/freeradius/sites-enabled/dynamic-clients
(0) authorize {
(0) if ("%{sql: SELECT nasname FROM nas WHERE nasname =
'%{Packet-Src-IP-Address}'}") {
(0) EXPAND %{User-Name}
(0) -->
(0) SQL-User-Name set to ''
rlm_sql (sql): Reserved connection (3)
(0) Executing select query: SELECT nasname FROM nas WHERE nasname =
'172.20.0.21'
(0) SQL query returned no results
rlm_sql (sql): Released connection (3)
Need 2 more connections to reach 10 spares
rlm_sql (sql): Opening additional connection (8), 1 of 24 pending slots used
(0) EXPAND %{sql: SELECT nasname FROM nas WHERE nasname =
'%{Packet-Src-IP-Address}'}
(0) -->
(0) if ("%{sql: SELECT nasname FROM nas WHERE nasname =
'%{Packet-Src-IP-Address}'}") -> FALSE
(0) [ok] = ok
(0) } # authorize = ok
(0) } # server dynamic_clients
(0) Converting control list to client fields
*(0) ERROR: Cannot add client 172.20.0.21 <http://172.20.0.21>: Required
attribute "FreeRADIUS-Client-Secret" is missing*
Ignoring request to auth address * port 1812 bound to server default from
unknown client 172.20.0.21 port 45122 proto udp
Ready to process requests
--
- Osvaldo T Crispim Filho -
More information about the Freeradius-Users
mailing list