Free radius installation

José Campos jjscampos at gmail.com
Sun Jan 24 21:41:41 CET 2010


I did use nmap like below:

[root at localhost raddb]# nmap -v -O localhost

Starting Nmap 5.00 ( http://nmap.org ) at 2010-01-24 14:15 WET
NSE: Loaded 0 scripts for scanning.
Warning: Hostname localhost resolves to 2 IPs. Using 127.0.0.1.
Initiating SYN Stealth Scan at 14:15
Scanning localhost (127.0.0.1) [1000 ports]
Discovered open port 111/tcp on 127.0.0.1
Discovered open port 22/tcp on 127.0.0.1
Completed SYN Stealth Scan at 14:15, 0.03s elapsed (1000 total ports)
Initiating OS detection (try #1) against localhost (127.0.0.1)
Host localhost (127.0.0.1) is up (0.000013s latency).
Interesting ports on localhost (127.0.0.1):
Not shown: 998 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh
111/tcp open  rpcbind
Device type: general purpose
Running: Linux 2.6.X
OS details: Linux 2.6.15 - 2.6.27
Uptime guess: 1.827 days (since Fri Jan 22 18:25:10 2010)
Network Distance: 0 hops
TCP Sequence Prediction: Difficulty=192 (Good luck!)
IP ID Sequence Generation: All zeros

Read data files from: /usr/share/nmap
OS detection performed. Please report any incorrect results at
http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 1.51 seconds
           Raw packets sent: 1019 (45.598KB) | Rcvd: 2043 (86.988KB)
[root at localhost raddb]#

....

As I understood, is everything all right with iptables?
So why can't I test radius? It seems like something is blocking between
radtest (radclient) and the radiusd server, because there's no debug info...

Can I somehow debug in more detail the radtest command suggested in the
freeradius tutorial?

         José Campos

-----Original Message-----
From: freeradius-users-bounces+jjscampos=gmail.com at lists.freeradius.org
[mailto:freeradius-users-bounces+jjscampos=gmail.com at lists.freeradius.org]
On behalf of Alan Buxey
Sent: Sunday, 24 January 2010 16:01
To: FreeRadius users mailing list
Subject: Re: Free radius installation

Hi,

> -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
> -A INPUT -m state --state NEW -m udp -p udp --dport 1812 -j ACCEPT
> -A INPUT -m state --state NEW -m udp -p udp --dport 1813 -j ACCEPT


it's an interesting idea putting state requirements onto UDP protocol
methods

> But I do not understand why this output of nmap localhost, after radiusd -X
> ...
> Interesting ports on localhost (127.0.0.1):
> Not shown: 998 closed ports
> PORT    STATE SERVICE
> 22/tcp  open  ssh
> 111/tcp open  rpcbind

..and what method of nmap scan did you use - just quick TCP scan or a full
inspection?

alan