Problem with Proxy server testing
Hi, I was trying to test the proxy server concept of freeradius so I did this: /* proxy.conf */ I added two proxy servers home_server safeword1 { type = auth+acct ipaddr = 192.168.178.25 port = 1812 secret = letmesafeword require_message_authenticator = no response_window = 20 zombie_period = 40 revive_interval = 120 status_check = status-server check_interval = 30 num_answers_to_alive = 3 } home_server google1 { type = auth+acct ipaddr = 172.16.1.27 port = 1812 secret = letmegoogle require_message_authenticator = no response_window = 20 zombie_period = 40 revive_interval = 120 status_check = status-server check_interval = 30 num_answers_to_alive = 3 } home_server_pool my_safeword_radius_servers { type = fail-over home_server = safeword1 } home_server_pool my_googleotp_radius_servers { type = fail-over home_server = google1 } realm "SAFEWORD" { auth_pool = my_safeword_radius_servers acct_pool = my_safeword_radius_servers } realm "GOOGLE" { auth_pool = my_googleotp_radius_servers acct_pool = my_googleotp_radius_servers } realm "GOOGLE" { # do nothing # this means use the local server } In /*hint*/ I added # GOOGLE #Detect gA at start of username and if so add realm GOOGLE at the end # see http://wiki.freeradius.org/Hints DEFAULT User-Name =~ "^(gA.*)" User-Name := "%{1}@GOOGLE" # SAFEWORD # Detect lowercase "v", 1 or 2 captial letters followed by 6 numbers # at start of username to identify a SAFEWORD token # and if so add realm SAFEWORD at the end # see http://wiki.freeradius.org/Hints DEFAULT User-Name =~ "^(v[A-Z]{1,2}[0-9]{6})" User-Name := "%{1}@SAFEWORD" Now I used radtest with the following command /opt/freeradius/bin/radtest gA123443 592455 192.168.178.25 1812 letmegoogle But it is giving an error. Please help me to resolve the same. Debug log: Listening on command file /opt/freeradius/var/run/radiusd/radiusd.sock Listening on auth address * port 1812 as server default Listening on acct address * port 1813 as server default Listening on auth address :: port 1812 as server default Listening on acct address :: port 1813 as server default Listening on auth address 127.0.0.1 port 18120 as server inner-tunnel Opening new proxy socket 'proxy address * port 0' Listening on proxy address * port 48013 Ready to process requests Received Access-Request Id 69 from 127.0.0.1:42855 to 127.0.0.1:1812 length 78 (0) Received Access-Request packet from host 127.0.0.1 port 42855, id=69, length=78 (0) Dropping packet without response because of error: Received packet from 127.0.0.1 with invalid Message-Authenticator! (Shared secret is incorrect.) Waking up in 0.3 seconds. (0) Cleaning up request packet ID 69 with timestamp +12 Ready to process requests Received Access-Request Id 69 from 127.0.0.1:42855 to 127.0.0.1:1812 length 78 (1) Received Access-Request packet from host 127.0.0.1 port 42855, id=69, length=78 (1) Dropping packet without response because of error: Received packet from 127.0.0.1 with invalid Message-Authenticator! (Shared secret is incorrect.) Waking up in 0.3 seconds. (1) Cleaning up request packet ID 69 with timestamp +17 Ready to process requests Received Access-Request Id 69 from 127.0.0.1:42855 to 127.0.0.1:1812 length 78 (2) Received Access-Request packet from host 127.0.0.1 port 42855, id=69, length=78 (2) Dropping packet without response because of error: Received packet from 127.0.0.1 with invalid Message-Authenticator! (Shared secret is incorrect.) Waking up in 0.3 seconds. (2) Cleaning up request packet ID 69 with timestamp +22 Ready to process requests Regards, Sonu
participants (1)
-
Himanshu Pandey