error unknown host, but it is configured in clients.conf

Thu Jul 13 01:18:48 CEST 2006

Hi, new guy here...   I can't get a Juniper NAS to authenticate to
FreeRadius.

The first thing I tried was a radtest of the local host (against
/etc/passwd), which worked:

root at host:/home $ radtest username password 127.0.0.1:1812 1812
testing123

Sending Access-Request of id 122 to 127.0.0.1 port 1812

        User-Name = "username"

        User-Password = "password"

        NAS-IP-Address = 255.255.255.255

        NAS-Port = 1812

rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=122,
length=20

And then I tried munging the password to make sure it got rejected,
which it did.

root at host:/home $ radtest username wrong-password 127.0.0.1:1812 1812
testing123

Sending Access-Request of id 126 to 127.0.0.1 port 1812

        User-Name = "username"

        User-Password = "wrong-password"

        NAS-IP-Address = 255.255.255.255

        NAS-Port = 1812

rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=126,
length=20

So then I tried it from the NAS and I get 

[root at aaa1 radius]# more radius.log 

Mon Jul 10 16:22:15 2006 : Info: Using deprecated naslist file.  Support
for thi

s will go away soon.

Mon Jul 10 16:22:15 2006 : Info: rlm_exec: Wait=yes but no output
defined. Did y

ou mean output=none?

Mon Jul 10 16:22:15 2006 : Info: Ready to process requests.

Tue Jul 11 09:25:29 2006 : Info: Reloading configuration files.

Tue Jul 11 09:25:29 2006 : Info: Using deprecated naslist file.  Support
for thi

s will go away soon.

Tue Jul 11 09:25:29 2006 : Info: rlm_exec: Wait=yes but no output
defined. Did y

ou mean output=none?

Tue Jul 11 09:25:29 2006 : Info: Ready to process requests.

Wed Jul 12 15:29:05 2006 : Error: Ignoring request from unknown client
10.1.10.1

:12000

And

[root at aaa1 raddb]# /usr/local/sbin/radiusd -x

Starting - reading configuration files ...

Using deprecated naslist file.  Support for this will go away soon.

Module: Loaded exec 

rlm_exec: Wait=yes but no output defined. Did you mean output=none?

Module: Instantiated exec (exec) 

Module: Loaded expr 

Module: Instantiated expr (expr) 

Module: Loaded PAP 

Module: Instantiated pap (pap) 

Module: Loaded CHAP 

Module: Instantiated chap (chap) 

Module: Loaded MS-CHAP 

Module: Instantiated mschap (mschap) 

Module: Loaded System 

Module: Instantiated unix (unix) 

Module: Loaded eap 

rlm_eap: Loaded and initialized type md5

rlm_eap: Loaded and initialized type leap

rlm_eap: Loaded and initialized type gtc

rlm_eap: Loaded and initialized type mschapv2

Module: Instantiated eap (eap) 

Module: Loaded preprocess 

Module: Instantiated preprocess (preprocess) 

Module: Loaded realm 

Module: Instantiated realm (suffix) 

Module: Loaded files 

Module: Instantiated files (files) 

Module: Loaded Acct-Unique-Session-Id 

Module: Instantiated acct_unique (acct_unique) 

Module: Loaded detail 

Module: Instantiated detail (detail) 

Module: Loaded radutmp 

Module: Instantiated radutmp (radutmp) 

Initializing the thread pool...

Listening on authentication *:1812

Listening on accounting *:1813

Ready to process requests.

rad_recv: Access-Request packet from host 10.1.10.1:12004, id=183,
length=69

Ignoring request from unknown client 10.1.10.1:12004

rad_recv: Access-Request packet from host 10.1.10.1:12004, id=184,
length=69

Ignoring request from unknown client 10.1.10.1:12004

Clients.conf has the following appended to the included file:

client 10.1.10.1  {

       secret          = password

       shortname       = aaa

}

And I've tried both stop/start and kill 1 'cat the pid file'

So...  what am I doing wrong?

Thanks!

Greg

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060712/34e6a078/attachment.html>