Error: Ignoring request from unknown client IP:1645

Davide Molteni d.molteni at ntsitalia.com
Tue Feb 13 13:10:57 CET 2007 

Il giorno mar, 13/02/2007 alle 11.59 +0000, A.L.M.Buxey at lboro.ac.uk ha
scritto:
> Hi,
> 
> > client localhost {
> > 	secret = 181180
> > 	shortname = localhost
> > 	nastype = other
> > }
> > 
> > client 192.168.0.1 {
> > 	secret = 181180
> > 	shortname = testcisco
> > 	nastype = cisco
> > }
> > 
> 
> those look fine. have you actually tried a 'radtest' on the local server
> to check all is well?  eg put the following into your 'users' file
> 
> testuser01  Auth-Type:=Local, User-Password=="ehwtehi"
> 
> 
> restart radiusd process then do
> 
> radtest testuser01 ehwtehi localhost 1812 181180

Ok just after this test i have 

after many tries "Re-Sending Access-Request ..."

radclient: no response from server for ID 250

This without any change to the radiusd.conf Now I will make all the
modifications you suggested and send you the results.
I'm not proxying.
The freeradius version is 1.0.1
 
> 
> 
> 
> this is pure and simple PAP authentication at its best.
> 
> 
> 
> > ## radiusd.conf	-- FreeRADIUS server configuration file.
> 
> which version of freeradius? this config is a bit crusty for a 1.x
> install
> 
> change the following parts
> 
> 
> #bind_address = *
> #port = 0
> 
> listen {
>  	#  IP address on which to listen.
>  	#  Allowed values are:
>  	#	dotted quad (1.2.3.4)
>  	#       hostname    (radius.example.com)
>  	#       wildcard    (*)
> 	ipaddr = *
>  
>  	#  Port on which to listen.
>  	#  Allowed values are:
>  	#	integer port number (1812)
>  	#	0 means "use /etc/services for the proper port"
> 	port = 1645
>  
>  	#  Type of packets to listen for.
>  	#  Allowed values are:
>  	#	auth	listen for authentication packets
>  	#	acct	listen for accounting packets
>  	#
> 	type = auth
> }
> 
> this uses the 1.x listen directive. i've also changed the port to 1645 - as you say your
> cisco is expecting this port!
> 
> > proxy_requests  = yes
> > $INCLUDE  ${confdir}/proxy.conf
> 
> are you proxying? you didnt say so. you should set this to no(!)
> 
> > 	#  Supports multiple encryption schemes
> > 	#  clear: Clear text
> > 	#  crypt: Unix crypt
> > 	#    md5: MD5 ecnryption
> > 	#   sha1: SHA1 encryption.
> > 	#  DEFAULT: crypt
> > 	pap {
> > 		encryption_scheme = crypt
> > 	}
> 
> to do the radtest I mentioned above, this value needs to be 'clear'
> 
> you a crypted version of that password if you wish to use 'crypt'
> 
> 
> as for all the rest. if you arent using it. comment it out.
> 
> alan

More information about the Freeradius-Users mailing list