I seem to be having a hardtime setting up FreeRADIUS to work with my Astaro firewall. First, in radiusd.conf I have left most of the configurations the same only made a few small ones such as the port for: listen { type = auth ipaddr = * port = 1812 (instead of the default 0) } In clients.conf, I have added the following: client ASG { ipaddr = 192.168.***.*** secret = my secret } In /etc/raddb/users I added user Cleartext-Password password. In Astaro I created a network definition with "host," as the type, ANY interface, and the IP for my box running FreeRADIUS. I also created a packet filter rule as follows: Group: WiFi Position: 59 Source: srv_freeradius Service: RADIUS Destination: firewall In the wireless security setting of Astaro under Advance/Enterprise Authentication I added the following information: RADIUS: srv_freeradius (network defition I created) RADIUS Port: RADIUS (This was already in place there) RADIUS Secret: my secret Repeat Secret: repeated secret Now whenever I run radtest user password localhost 0 secret I get the Access-Accept packet but if I modify the command and run radtest user password ASG_IP 1812 secret I get "radclient: no response from server for ID 168 socket 3" I also tried running radtest user password FreeRADIUS_Server_IP 1812 secret and the output in /usr/sbin/radiusd -X is as follows: " Ignoring request to authentication address * port 1812 from unknown client 192.168.***.*** port 48063 Ready to process requests." -- View this message in context: http://freeradius.1045715.n5.nabble.com/Setting-up-FreeRADIUS-tp5506078p5506... Sent from the FreeRadius - User mailing list archive at Nabble.com.
Hi,
port = 1812 (instead of the default 0)
doesnt matter - it'll use 1812 and not 0 - read from /etc/services
client ASG { ipaddr = 192.168.***.*** secret = my secret
if the secret really does have spaces in it, then you need to ensure its enclosed in quotes "my secret"
In /etc/raddb/users I added user Cleartext-Password password.
fred Cleartext-Password := "password" (note the := )
Now whenever I run radtest user password localhost 0 secret I get the Access-Accept packet but if I modify the command and run radtest user password ASG_IP 1812 secret I get "radclient: no response from server for ID 168 socket 3"
??? hat would be sending a RADIUS request to the ASG_IP server - is this running as a server that can take and accept a remote proxied request?
I also tried running radtest user password FreeRADIUS_Server_IP 1812 secret and the output in /usr/sbin/radiusd -X is as follows: " Ignoring request to authentication address * port 1812 from unknown client 192.168.***.*** port 48063
thats because you havent added 192.168.***.*** as a valid client in clients.conf alan
participants (2)
-
Alan Buxey -
ryuukuu