How to configure RADIUS on 2 IP address Server

Alan DeKok aland at
Thu Dec 11 09:02:26 CET 2008

Pongsak Tawankanjanachot wrote:
>    I started installing, ,setting, running ./radiusd -X with default
> configuration.

  No.  You've configured the server to proxy requests to itself.  This
is wrong.

> Sending Access-Accept of id 102 to* *
> port 36272
>         Framed-MTU = 1400
>         NAS-IP-Address = 
>         NAS-Port = 15
> Finished request 5.
> Going to the next request
> Waking up in 4.9 seconds.
> rad_recv: Access-Accept packet from host
>  port 1812, id=102, length=38

  You have configured it to proxy requests to itself.  Don't do that.

> My question is why the Access-Accept is to
>  (It should be


  1) you have 2 interfaces
  2) you haven't used the "listen type = proxy" configuration to set
     the proxying IP address
  3) You haven't enabled UDPFROMTO in "configure"
  4) The OS picks a source IP address

  and, you've configured the server to proxy requests to itself.  Don't
do that.

> radiusd: #### Opening IP addresses and Ports ####
> Listening on authentication address
> port 1812
> Listening on accounting address
> port 1813
> Listening on proxy address port 1814
> Ready to process requests.
> Seems like RADIUS is listening on :D


> ==================================================================
>   On Server terminal, I test with radtest test test localhost 0 testing123
> Sending Access-Request of id 103 to  port 1812
>         User-Name = "test"
>         User-Password = "test"
>         NAS-IP-Address =
>         NAS-Port = 0
> /There is no response at all..../

  Do you understand what IP addresses are?  The server is listening on, while you're sending packets to  And you're
*surprised* that the server doesn't respond?  Why?

>  It replies!! Seems like it is listening at eth0
> BUT when I use RTRadPing Test Utility from local computer-WinXP SP3
> ( ) asking Authentication Request
> to 
> RTRadPing says no response from server, timeout.

  Look at the DEBUG output of the SERVER, not the client.

> What should I do next??
> Somebody can suggest me?
> I think this is just the first step, then I need to install OpenSSL and
> test....a long way to go..

  I would stop trying to configure the server, and start by
understanding how networks work.

  Alan DeKok.

More information about the Freeradius-Users mailing list