I have not edited or altered proxy.conf It currently has the following format with only active lines shown (I removed commented lines for ease of viewing.) # Proxy server configuration proxy server { default_fallback = no } home_server localhost { type = auth ipaddr = 127.0.0.1 port = 1812 secret = testing123 require_message_authenticator = yes response_window = 20 zombie_period = 40 revive_interval = 120 status_check = status-server check_interval = 30 max_outstanding = 65536 coa { irt = 2 mrt = 16 mrc = 5 mrd = 30 } } home_server_pool my_auth_failover { type = fail-over home_server = localhost } realm example.com { auth_pool = my_auth_failover } realm LOCAL { } PS Mohammed -if it helps i already used radtest user1 secret 192.168.0.93 1812 aaabbb and it works BUT The output received following that command in response is TWO consecutive rad_recv: Access-Accept packet.... FOllOWED by ONE radclient: received response to request we did not send.... From: fifeeliz1@hotmail.com To: freeradius-users@lists.freeradius.org Subject: RE: Testing failure during setup Date: Mon, 27 May 2013 18:47:31 +0000 Both servers were installed from apt-get which presently gives you freeradius version 2.1.12 for ubuntu 13.04 servers I used apt-get -y install freeradius freeradius-common freeradius-mysql freeradius-utils freeradius-ldap libfreeradius2 (and apt-get -y install mysql-client mysql-server apt-get -y install php5 php-pear php5-gd php-DB) When this did not work I then upgraded to the latest version 2.2.0 using PPA I used add-apt-repository ppa:freeradius/stable apt-get -y update upgrade PS if it helps radtest user1 secret 192.168.0.93 1812 aaabbb works BUT Output received in response is TWO consecutive rad_recv: Access-Accept packet FOllOWED by one radclient: received response to request we did not send PPS
You'll not that I get cranky when people *don't* follow instructions. You have followed them. So clearly you're a wonderful person.
Praise from Cesar :)
Date: Mon, 27 May 2013 09:20:53 -0400 From: aland@deployingradius.com To: freeradius-users@lists.freeradius.org Subject: Re: Testing failure during setup
Elizabeth Fife wrote:
I am ready for an earbending likely from Alan but for the record I have read the debug and done as much searching as my brain can handle before this post
You'll not that I get cranky when people *don't* follow instructions. You have followed them. So clearly you're a wonderful person.
I have the added each machine as a client of the other for testing in clients.conf they both have the shared secret aaabbb
Which should work.
In short, the server gets an Access-Request and processes it. The client doesn't like the reply.
Both Access-Request and Access-Challenge contain Message-Authenticator. The server processes the Access-Request *only* when the Message-Authenticator is correct. Which in turn depends on the shared secret.
So the shared secret is the same on both ends.
But, the client doesn't like the reply from the server. Which has a Message-Authenticator created using the same secret.
I'm not really sure what to suggest here. This kind of thing should *never* happen.
Did you install both servers from apt-get?
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html