Hi, Thanks for the help. Now radiusd is receiving the packets. But it is ignoring the packat saying it is from unknow client. rad_recv: Access-Request packet from host 2001:888:1941::3 port 30407, id=101, length=88 Ignoring request from unknown client 2001:888:1941::3 port 30407 I have following entry in the clients.conf file client 2001:888:1941::3 { secret = sharedsecret shortname = mps_daz_1 } Thanks in advance. Regards, Sujata
-----Original Message----- From: freeradius-users-bounces+sujata.gaddemane=wipro.com@lists.freer adius.org [mailto:freeradius-users-bounces+sujata.gaddemane=wipro.com@lis ts.freeradius.org] On Behalf Of A.L.M.Buxey@lboro.ac.uk Sent: Friday, October 06, 2006 1:34 AM To: FreeRadius users mailing list Subject: Re: IPV6 support
Hi,
Hi,
I am using FreeRADIUS 2.0.0 ; $Date: 2006/08/15 20:46:48
Will this server work on a host configured with IPV6 address and clients will still be able to authenticate using this server?
I am currently not able to use this radius server. Using
tcpdump I
could see the radius packets reaching the server, but the packet is not reaching the radiusd daemon.
Do I need to do any configuration changes for the same? Should I use some other version?
you need to configure your freeradius radiusd.conf to use IPv6.
eg
listen { ipv6addr = ::1 # any. ::1 == localhost port = 0 type = auth # interface = eth0 }
PLEASE read the example radiusd.conf in raddb for more info - for example, one freeradius daemon CANNOT run ipv4 and ipv6 at the same time (currently) and ALSO there is a bug. :: (listen on any address) causes a segmentation fault. ::1 (listen localhost only) works fine - I'm _supposing_ that setting the systems IPv6 address as the value would work, but I dont have any remote tools to test against. its not like IPv6 is going anywhere anyway........ ;-)
you can tell its working (as much as it currently does) by looking att he debug logs when you run 'radiusd -X'...you should see something like
main: port = 1812 listen: type = "auth" listen: ipv6addr = ::1 IPv6 address [::1] listen: port = 0
and see the listening process using 'netstat' tool (for example)
alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com