Reply-message stripped from access-reject response
sbcsgjmbbz at snkmail.com
sbcsgjmbbz at snkmail.com
Sat May 14 13:59:42 CEST 2011
On 14/05/2011 12:55, Alan DeKok aland-at-deployingradius.com
|freeradius-mailinglist| wrote:
> sbcsgjmbbz at snkmail.com wrote:
>> Using freeradius 1.1.3.
> Upgrade.
>
My apologies, I made a mistake, the version is 2.1.7
> Im trying to get freeradius to return a helpful
>> reply-message in access-rejects to the NAS but the reply-message seems
>> to get stripped from the access-reject packet. Ive configured the
>> reply-message as below in /etc/raddb/sites-enabled/default
> Huh? 1.1.3 doesn't have "sites-enabled".
>
> Figure out what you're doing. You won't be able to understand
> anything until then.
>> Using wireshark on the radius server,
> <sigh>
>
> I have no idea why some people are deathly opposed to running the
> server in debugging mode.
I'm not at all, I've run it in debugging mode and I can see the
reply-message as below. I just wanted to make sure the packets on the
wire were as expected.
Sending Access-Reject of id 184 to 10.0.2.3 port 45566
Reply-Message = "Login Failure"
>> However, on the receiving NAS, using wireshark, there is no
>> reply-message AVP!
> The packets are from different login attempts.
Im confused, the Packet identifier is the same. Can you explain how you
know this. Thanks, much appreciated!
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list