Error: Ignoring request from unknown client IP:1645

Davide Molteni d.molteni at ntsitalia.com
Tue Feb 13 12:13:08 CET 2007


I'm very sorry Alan for replying to your own email address and not on
the list. Here it is


Il giorno lun, 12/02/2007 alle 13.35 +0100, Alan DeKok ha scritto:
> Davide Molteni wrote:
> 
> > On the cisco I configured:
> > radius-server host ipmyradius auth-port 1812 acct-port 1813
> > and the other aaa commands needed
> > 
> > If I look at the radius.log file I always see
> > 
> > Error: Ignoring request from unknown client ipmycisco:1645
> 
>   Did you configure the server to have that IP in "clients.conf"?

Sure! With the IP and the same shared key as the cisco NAS client

> 
> > The Cisco router keeps always trying to connect to radius using port
> > 1645 even if I specified to use 1812...
> 
>   That's a bug in the Cisco router.

Yea but is this a problem for freeradius to properly work? I need to set
freeradius to listen on 1645 in radiusd.conf? Or I need to change it
in /etc/services ?

> 
> > I have tried to configure radius
> > server to listen on port 1645 but is the same. 
> 
>   Listening on port 1645 won't make the server believe that
"ipmycisco"
> is a known client.

Well I know this very well in fact, the client that is ignored is
properly configured in clients.conf
> 
> > The microsoft radius integration(server 2003) worked at first try
with
> > this cisco config...
> 
>   Really.  Did you configure the Cisco box as a client in the MS
RADIUS
> server?

Yes, sure I had to put in the ms radius the cisco box as a client
otherwise it wouldn't work...

Please notice that I would like to use this radius for simple PAP ONLY.
Maybe I'm doing something wrong with users file?
Please tell me the right way to configure a single test user for PAP
only. I would like to disable unused modules (ldap,mysql...)

It couldn't be a problem of authentication method?

I forgot an important element to tell anyone wants to help.
I tried to change the shared key on one side (radius) and noticed that
log file continue to write again the same error

Ignoring request from unknown client IP:1645

So the issue it's due to the fact that cisco client don't exchange
shared key with radius...

This can halp to focus better the problem?

thanks in advance



More information about the Freeradius-Users mailing list