<br><br><div class="gmail_quote"><br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div><br></div><div>I am running freeradius 2.1.10 on Debian 6.0.3.</div><div><br></div><div>What startup script in Debian starts freeradius? I would like to add the -X option to it.</div>
<div><br></div><div>My first problem is I can't get radtest to work. The only thing I have modified is the User file. I searched the FAQs and maillist archives to no avail.</div>
<div><br></div><div>Top lines in User file:</div><div><div> bob Cleartext-Password := "hello"</div><div> Reply-Message = "Hello, BOB"</div><div> testing Cleartext-Password := "password"</div>
<div> Reply-Message = "Testing in Progress"</div><div>#</div></div><div><br></div><div>My radtest:</div><div><div>root@Mikado:/etc/freeradius# radtest bob hello localhost 0 testing123</div><div>Sending Access-Request of id 171 to 127.0.0.1 port 1812</div>
<div> User-Name = "bob"</div><div> User-Password = "hello"</div><div> NAS-IP-Address = 10.56.1.11</div><div> NAS-Port = 0</div><div>radclient: Failed to send packet for ID 171: (unknown error)</div>
<div>Sending Access-Request of id 171 to 127.0.0.1 port 1812</div><div> User-Name = "bob"</div><div> User-Password = "hello"</div><div> NAS-IP-Address = 10.56.1.11</div><div> NAS-Port = 0</div>
<div>radclient: Failed to send packet for ID 171: (unknown error)</div><div>Sending Access-Request of id 171 to 127.0.0.1 port 1812</div><div> User-Name = "bob"</div><div> User-Password = "hello"</div>
<div> NAS-IP-Address = 10.56.1.11</div><div> NAS-Port = 0</div><div>radclient: Failed to send packet for ID 171: (unknown error)</div><div>radclient: no response from server for ID 171 socket 3</div></div><div>
<br></div><div><br></div><div>Debug output:</div><div><br></div><div><div>FreeRADIUS Version 2.1.10, for host i486-pc-kfreebsd-gnu, built on Nov 15 2010 at 09:02:02</div><div>Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.</div>
<div>There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A</div><div>PARTICULAR PURPOSE.</div><div>You may redistribute copies of FreeRADIUS under the terms of the</div><div>GNU General Public License v2.</div>
<div>Starting - reading configuration files ...</div><div>including configuration file /etc/freeradius/radiusd.conf</div><div>including configuration file /etc/freeradius/proxy.conf</div><div>including configuration file /etc/freeradius/clients.conf</div>
<div>including files in directory /etc/freeradius/modules/</div><div>including configuration file /etc/freeradius/modules/always</div><div>including configuration file /etc/freeradius/modules/attr_filter</div><div>including configuration file /etc/freeradius/modules/attr_rewrite</div>
<div>including configuration file /etc/freeradius/modules/chap</div><div>including configuration file /etc/freeradius/modules/checkval</div><div>including configuration file /etc/freeradius/modules/counter</div><div>including configuration file /etc/freeradius/modules/cui</div>
<div>including configuration file /etc/freeradius/modules/detail</div><div>including configuration file /etc/freeradius/modules/<a href="http://detail.example.com" target="_blank">detail.example.com</a></div><div>including configuration file /etc/freeradius/modules/detail.log</div>
<div>including configuration file /etc/freeradius/modules/digest</div><div>including configuration file /etc/freeradius/modules/dynamic_clients</div><div>including configuration file /etc/freeradius/modules/echo</div><div>
including configuration file /etc/freeradius/modules/etc_group</div><div>including configuration file /etc/freeradius/modules/exec</div><div>including configuration file /etc/freeradius/modules/expiration</div><div>including configuration file /etc/freeradius/modules/expr</div>
<div>including configuration file /etc/freeradius/modules/files</div><div>including configuration file /etc/freeradius/modules/inner-eap</div><div>including configuration file /etc/freeradius/modules/ippool</div><div>including configuration file /etc/freeradius/modules/krb5</div>
<div>including configuration file /etc/freeradius/modules/ldap</div><div>including configuration file /etc/freeradius/modules/linelog</div><div>including configuration file /etc/freeradius/modules/logintime</div><div>including configuration file /etc/freeradius/modules/mac2ip</div>
<div>including configuration file /etc/freeradius/modules/mschap</div><div>including configuration file /etc/freeradius/modules/mac2vlan</div><div>including configuration file /etc/freeradius/modules/ntlm_auth</div><div>
including configuration file /etc/freeradius/modules/opendirectory</div>
<div>including configuration file /etc/freeradius/modules/otp</div><div>including configuration file /etc/freeradius/modules/pam</div><div>including configuration file /etc/freeradius/modules/pap</div><div>including configuration file /etc/freeradius/modules/passwd</div>
<div>including configuration file /etc/freeradius/modules/perl</div><div>including configuration file /etc/freeradius/modules/policy</div><div>including configuration file /etc/freeradius/modules/preprocess</div><div>including configuration file /etc/freeradius/modules/radutmp</div>
<div>including configuration file /etc/freeradius/modules/realm</div><div>including configuration file /etc/freeradius/modules/smbpasswd</div><div>including configuration file /etc/freeradius/modules/smsotp</div><div>including configuration file /etc/freeradius/modules/sql_log</div>
<div>including configuration file /etc/freeradius/modules/sqlcounter_expire_on_login</div><div>including configuration file /etc/freeradius/modules/sradutmp</div><div>including configuration file /etc/freeradius/modules/unix</div>
<div>including configuration file /etc/freeradius/modules/wimax</div><div>including configuration file /etc/freeradius/modules/acct_unique</div><div>including configuration file /etc/freeradius/eap.conf</div><div>including configuration file /etc/freeradius/policy.conf</div>
<div>including files in directory /etc/freeradius/sites-enabled/</div><div>including configuration file /etc/freeradius/sites-enabled/default</div><div>including configuration file /etc/freeradius/sites-enabled/inner-tunnel</div>
<div>main {</div><div> user = "freerad"</div><div> group = "freerad"</div><div> allow_core_dumps = no</div><div>}</div><div>including dictionary file /etc/freeradius/dictionary</div>
<div>main {</div><div> prefix = "/usr"</div><div> localstatedir = "/var"</div><div> logdir = "/var/log/freeradius"</div><div> libdir = "/usr/lib/freeradius"</div>
<div> radacctdir = "/var/log/freeradius/radacct"</div><div> hostname_lookups = no</div><div> max_request_time = 30</div><div> cleanup_delay = 5</div><div> max_requests = 1024</div>
<div> pidfile = "/var/run/freeradius/freeradius.pid"</div><div> checkrad = "/usr/sbin/checkrad"</div><div> debug_level = 0</div><div> proxy_requests = yes</div><div> log {</div>
<div> stripped_names = no</div><div> auth = no</div><div> auth_badpass = no</div><div> auth_goodpass = no</div><div> }</div><div> security {</div><div> max_attributes = 200</div><div> reject_delay = 1</div>
<div> status_server = yes</div><div> }</div><div>}</div><div>radiusd: #### Loading Realms and Home Servers ####</div><div> proxy server {</div><div> retry_delay = 5</div><div> retry_count = 3</div><div>
default_fallback = no</div><div> dead_time = 120</div><div> wake_all_if_all_dead = no</div><div> }</div><div> home_server localhost {</div><div> ipaddr = 127.0.0.1</div><div> port = 1812</div>
<div> type = "auth"</div><div> secret = "testing123"</div><div> response_window = 20</div><div> max_outstanding = 65536</div><div> require_message_authenticator = yes</div>
<div> zombie_period = 40</div><div> status_check = "status-server"</div><div> ping_interval = 30</div><div> check_interval = 30</div><div> num_answers_to_alive = 3</div><div> num_pings_to_alive = 3</div>
<div> revive_interval = 120</div><div> status_check_timeout = 4</div><div> irt = 2</div><div> mrt = 16</div><div> mrc = 5</div><div> mrd = 30</div><div> }</div><div> home_server_pool my_auth_failover {</div>
<div> type = fail-over</div><div> home_server = localhost</div><div> }</div><div> realm <a href="http://example.com" target="_blank">example.com</a> {</div><div> auth_pool = my_auth_failover</div><div>
}</div><div> realm LOCAL {</div>
<div> }</div><div>radiusd: #### Loading Clients ####</div><div> client localhost {</div><div> ipaddr = 127.0.0.1</div><div> require_message_authenticator = no</div><div> secret = "testing123"</div>
<div> nastype = "other"</div><div> }</div><div>radiusd: #### Instantiating modules ####</div><div> instantiate {</div><div> Module: Linked to module rlm_exec</div><div> Module: Instantiating module "exec" from file /etc/freeradius/modules/exec</div>
<div> exec {</div><div> wait = no</div><div> input_pairs = "request"</div><div> shell_escape = yes</div><div> }</div><div> Module: Linked to module rlm_expr</div><div> Module: Instantiating module "expr" from file /etc/freeradius/modules/expr</div>
<div> Module: Linked to module rlm_expiration</div><div> Module: Instantiating module "expiration" from file /etc/freeradius/modules/expiration</div><div> expiration {</div><div> reply-message = "Password Has Expired "</div>
<div> }</div><div> Module: Linked to module rlm_logintime</div><div> Module: Instantiating module "logintime" from file /etc/freeradius/modules/logintime</div><div> logintime {</div><div> reply-message = "You are calling outside your allowed timespan "</div>
<div> minimum-timeout = 60</div><div> }</div><div> }</div><div>radiusd: #### Loading Virtual Servers ####</div><div>server inner-tunnel { # from file /etc/freeradius/sites-enabled/inner-tunnel</div><div> modules {</div>
<div> Module: Checking authenticate {...} for more modules to load</div><div> Module: Linked to module rlm_pap</div><div> Module: Instantiating module "pap" from file /etc/freeradius/modules/pap</div><div> pap {</div>
<div> encryption_scheme = "auto"</div><div> auto_header = no</div><div> }</div><div> Module: Linked to module rlm_chap</div><div> Module: Instantiating module "chap" from file /etc/freeradius/modules/chap</div>
<div> Module: Linked to module rlm_mschap</div><div> Module: Instantiating module "mschap" from file /etc/freeradius/modules/mschap</div><div> mschap {</div><div> use_mppe = yes</div><div> require_encryption = no</div>
<div> require_strong = no</div><div> with_ntdomain_hack = no</div><div> }</div><div> Module: Linked to module rlm_unix</div><div> Module: Instantiating module "unix" from file /etc/freeradius/modules/unix</div>
<div> unix {</div><div> radwtmp = "/var/log/freeradius/radwtmp"</div><div> }</div><div> Module: Linked to module rlm_eap</div><div> Module: Instantiating module "eap" from file /etc/freeradius/eap.conf</div>
<div> eap {</div><div> default_eap_type = "md5"</div><div> timer_expire = 60</div><div> ignore_unknown_eap_types = no</div><div> cisco_accounting_username_bug = no</div><div> max_sessions = 4096</div>
<div> }</div><div> Module: Linked to sub-module rlm_eap_md5</div><div> Module: Instantiating eap-md5</div><div> Module: Linked to sub-module rlm_eap_leap</div><div> Module: Instantiating eap-leap</div><div> Module: Linked to sub-module rlm_eap_gtc</div>
<div> Module: Instantiating eap-gtc</div><div> gtc {</div><div> challenge = "Password: "</div><div> auth_type = "PAP"</div><div> }</div><div> Module: Linked to sub-module rlm_eap_tls</div>
<div> Module: Instantiating eap-tls</div><div> tls {</div><div> rsa_key_exchange = no</div><div> dh_key_exchange = yes</div><div> rsa_key_length = 512</div><div> dh_key_length = 512</div><div>
verify_depth = 0</div><div> CA_path = "/etc/freeradius/certs"</div><div> pem_file_type = yes</div><div> private_key_file = "/etc/freeradius/certs/server.key"</div><div> certificate_file = "/etc/freeradius/certs/server.pem"</div>
<div> CA_file = "/etc/freeradius/certs/ca.pem"</div><div> private_key_password = "whatever"</div><div> dh_file = "/etc/freeradius/certs/dh"</div><div> random_file = "/dev/urandom"</div>
<div> fragment_size = 1024</div><div> include_length = yes</div><div> check_crl = no</div><div> cipher_list = "DEFAULT"</div><div> make_cert_command = "/etc/freeradius/certs/bootstrap"</div>
<div> cache {</div><div> enable = no</div><div> lifetime = 24</div><div> max_entries = 255</div><div> }</div><div> verify {</div><div> }</div><div> }</div><div> Module: Linked to sub-module rlm_eap_ttls</div>
<div> Module: Instantiating eap-ttls</div><div> ttls {</div><div> default_eap_type = "md5"</div><div> copy_request_to_tunnel = no</div><div> use_tunneled_reply = no</div><div> virtual_server = "inner-tunnel"</div>
<div> include_length = yes</div><div> }</div><div> Module: Linked to sub-module rlm_eap_peap</div><div> Module: Instantiating eap-peap</div><div> peap {</div><div> default_eap_type = "mschapv2"</div>
<div> copy_request_to_tunnel = no</div><div> use_tunneled_reply = no</div><div> proxy_tunneled_request_as_eap = yes</div><div> virtual_server = "inner-tunnel"</div><div> }</div><div>
Module: Linked to sub-module rlm_eap_mschapv2</div><div> Module: Instantiating eap-mschapv2</div><div> mschapv2 {</div><div> with_ntdomain_hack = no</div><div> }</div><div> Module: Checking authorize {...} for more modules to load</div>
<div> Module: Linked to module rlm_realm</div><div> Module: Instantiating module "suffix" from file /etc/freeradius/modules/realm</div><div> realm suffix {</div><div> format = "suffix"</div><div>
delimiter = "@"</div><div> ignore_default = no</div><div> ignore_null = no</div><div> }</div><div> Module: Linked to module rlm_files</div><div> Module: Instantiating module "files" from file /etc/freeradius/modules/files</div>
<div> files {</div><div> usersfile = "/etc/freeradius/users"</div><div> acctusersfile = "/etc/freeradius/acct_users"</div><div> preproxy_usersfile = "/etc/freeradius/preproxy_users"</div>
<div> compat = "no"</div><div> }</div><div> Module: Checking session {...} for more modules to load</div><div> Module: Linked to module rlm_radutmp</div><div> Module: Instantiating module "radutmp" from file /etc/freeradius/modules/radutmp</div>
<div> radutmp {</div><div> filename = "/var/log/freeradius/radutmp"</div><div> username = "%{User-Name}"</div><div> case_sensitive = yes</div><div> check_with_nas = yes</div>
<div> perm = 384</div><div> callerid = yes</div><div> }</div><div> Module: Checking post-proxy {...} for more modules to load</div><div> Module: Checking post-auth {...} for more modules to load</div><div>
Module: Linked to module rlm_attr_filter</div>
<div> Module: Instantiating module "attr_filter.access_reject" from file /etc/freeradius/modules/attr_filter</div><div> attr_filter attr_filter.access_reject {</div><div> attrsfile = "/etc/freeradius/attrs.access_reject"</div>
<div> key = "%{User-Name}"</div><div> }</div><div> } # modules</div><div>} # server</div><div>server { # from file /etc/freeradius/radiusd.conf</div><div> modules {</div><div> Module: Checking authenticate {...} for more modules to load</div>
<div> Module: Linked to module rlm_digest</div><div> Module: Instantiating module "digest" from file /etc/freeradius/modules/digest</div><div> Module: Checking authorize {...} for more modules to load</div><div>
Module: Linked to module rlm_preprocess</div><div> Module: Instantiating module "preprocess" from file /etc/freeradius/modules/preprocess</div><div> preprocess {</div><div> huntgroups = "/etc/freeradius/huntgroups"</div>
<div> hints = "/etc/freeradius/hints"</div><div> with_ascend_hack = no</div><div> ascend_channels_per_line = 23</div><div> with_ntdomain_hack = no</div><div> with_specialix_jetstream_hack = no</div>
<div> with_cisco_vsa_hack = no</div><div> with_alvarion_vsa_hack = no</div><div> }</div><div> Module: Checking preacct {...} for more modules to load</div><div> Module: Linked to module rlm_acct_unique</div>
<div> Module: Instantiating module "acct_unique" from file /etc/freeradius/modules/acct_unique</div><div> acct_unique {</div><div> key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"</div>
<div> }</div><div> Module: Checking accounting {...} for more modules to load</div><div> Module: Linked to module rlm_detail</div><div> Module: Instantiating module "detail" from file /etc/freeradius/modules/detail</div>
<div> detail {</div><div> detailfile = "/var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d"</div><div> header = "%t"</div><div> detailperm = 384</div><div> dirperm = 493</div>
<div> locking = no</div><div> log_packet_header = no</div><div> }</div><div> Module: Instantiating module "attr_filter.accounting_response" from file /etc/freeradius/modules/attr_filter</div><div>
attr_filter attr_filter.accounting_response {</div><div> attrsfile = "/etc/freeradius/attrs.accounting_response"</div><div> key = "%{User-Name}"</div><div> }</div><div> Module: Checking session {...} for more modules to load</div>
<div> Module: Checking post-proxy {...} for more modules to load</div><div> Module: Checking post-auth {...} for more modules to load</div><div> } # modules</div><div>} # server</div><div>radiusd: #### Opening IP addresses and Ports ####</div>
<div>listen {</div><div> type = "auth"</div><div> ipaddr = *</div><div> port = 0</div><div>}</div><div>listen {</div><div> type = "acct"</div><div> ipaddr = *</div><div>
port = 0</div><div>}</div><div>listen {</div><div> type = "auth"</div><div> ipaddr = 127.0.0.1</div><div> port = 18120</div><div>}</div><div>Listening on authentication address * port 1812</div>
<div>Listening on accounting address * port 1813</div><div>Listening on authentication address 127.0.0.1 port 18120 as server inner-tunnel</div><div>Listening on proxy address * port 1814</div><div>Ready to process requests.</div>
<div><br></div><div><br></div><div>Thanks for your patience and replies,</div><div><br></div><div>Dale</div><div><br></div>-- <br><div align="left">
<p style="margin:0in 0in 0pt" align="left"><span style="font-size:8pt;font-family:Arial">Dale
Grice</span></p>
<p style="margin:0in 0in 0pt"><span style="font-size:8pt;font-family:Arial">Staff Engineer, Lab Architect;
Motorola</span></p>
<p style="margin:0in 0in 0pt"><font face="Arial"><span style="font-size:11px"><br></span></font></p></div>
</div>
<br></blockquote></div><br><br clear="all"><div><br></div></blockquote></div>