On Wed, Nov 11, 2015 at 11:28:10AM -0500, Toyam Cox wrote: ...
radiusd: #### Loading Clients #### client localhost { ipaddr = 127.0.0.1 require_message_authenticator = no secret = "testing123" nastype = "other" } ... rlm_sql (sql): Read entry nasname=10.0.0.4,shortname=testing,secret=testing123 rlm_sql (sql): Adding client 10.0.0.4 (testing, server=<none>) to clients list ... Ready to process requests.
That's better - same server setup.
rad_recv: Access-Request packet from host 10.0.0.4 port 3787, id=254, length=133 User-Name = "Aviator" NAS-IP-Address = 10.0.0.4 NAS-Port = 0 Message-Authenticator = 0xbca92aec49da8848ab95b8ac15e7daab MS-CHAP-Challenge = 0x179924b2ec0ad514 MS-CHAP-Response = 0x0001000000000000000000000000000000000000000000000000b5b672c3217a5fd2ca598435ee57218a92635838e3783684 # Executing section authorize from file /etc/raddb/sites-enabled/default +group authorize { ...
Sending Access-Accept of id 254 to 10.0.0.4 port 3787 ...
And it works. Which gives two likely possibilities - shared secret incorrectly defined on NAS - NAS is broken. FreeRADIUS looks fine - investigate or replace your NAS. Cheers, Matthew -- Matthew Newton, Ph.D. <mcn4@le.ac.uk> Systems Specialist, Infrastructure Services, I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom For IT help contact helpdesk extn. 2253, <ithelp@le.ac.uk>