Freeradius server can not see any request from clients.

richard Bai baixin at gmail.com
Thu Oct 26 15:44:05 CEST 2006


Hi, Everyone,

Thanks for helping. I think I find out the problem. The damn Firewall is
running automatically with the system.
After I disable it, RADIUS starts responding.

So, although I can see the request packet arrived at the interface and port
from tcpdum command, it doesn't mean the RADIUS server see the packet.

Thanks again!
BR
Richard


On 10/26/06, Hernan Antolini <antolini at ar.ibm.com> wrote:
>
>
> Richard, to be sure about the packet arriving at the radius machine and
> see the content of the packet you can use "netcat".
> @radius-server : nc -l -u -p 1812 -vv -o /tmp/dump_hex_packet (will use
> UDP and dump hex info)
> @client_machine : radtest as usual
>
> hope it helps
>
> freeradius-users-bounces+antolini=ar.ibm.com at lists.freeradius.org wrote on
> 10/26/2006 09:29:27 AM:
>
> > Hi,
> >
> > Actually, the 0 in the radtest command means NAS-Port. Since 1812 is
> > the default port for radius defined in /etc/service, the Access-
> > Request is always sent to port 1812.
> > I can see the same messege as follow when I type both 0 or 1812:
> >             Sending Access-Request of id 40 to IP of server port 1812
> >                           User-Name = "username"
> >                           User-Password = "password"
> >                           NAS-IP-Address = 255.255.255.255
> >                           NAS-Port = 0/1812 (According to the number
> > typed in radtest command)
> >
> > Now, I am not sure wether the RADIUS server receives the Access-
> > Request from the client or not. As I said, I can see the packet
> > arrives at the interface and port of the server, but no information
> > printed out in RADIUS debug mode.
> > And the local test just works fine.
> >
> > Thanks!
> >
> > BR
> > Richard
> >
> >
> >
> >
> > On 10/26/06, Vasea Marii <vascim at yahoo.com> wrote:
> > I guess you didn't type " radtest username password localhost 0
> > sharedsecret" but " radtest username password localhost 1812
> > sharedsecret" why send it to the port 0?
> >
> >
> > richard Bai <baixin at gmail.com> wrote:
> >
>
> > Hi, everyone,
> >
> > I face a very strange problem right now when I configure a
> > freeradius server with PEAP + LDAP.
> >
> > I can start the radius in debug mode properly. I get following lines:
> > Listening on authentication *:1812
> > Listening on accounting *:1813
> > Ready to process requests.
> >
> > Then I did test by using " radtest username password localhost 0
> sharedsecret"
> > And the radius server replied with Access-Accept message. So, I
> > think the serve works just fine.
> >
> > But when I tested by using "radtest username password IP of server 0
> > sharedsecret" from a client conneted to the server through a hub, I
> > can not get anything back.
> > I even did not see any Access-Request information in debug mode on
> > the radius server. It looks like the radius doesn't receive anything.
> > However, I sniffered the interface via Ethereal and used " tcpdump -
> > v port 1812 " in the server, I do see the Access-Request packet
> > received by the interface on the server,
> > I confirmed that the 1812 port is open.
> >
> > Please give me some idea. Any advices or solution is welcome.
> >
> > Thank you very much!
> >
> >
> >
> > Best Regards
> > Richard
> > -
> > List info/subscribe/unsubscribe? See http://www.freeradius.
> > org/list/users.html
> >
> > Get your own web address for just $1.99/1st yr. We'll help. Yahoo!
> > Small Business .
> >
> > -
> > List info/subscribe/unsubscribe? See http://www.freeradius.
> > org/list/users.html
>
> > -
> > List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20061026/6846e7b9/attachment.html>


More information about the Freeradius-Users mailing list