Testing failure during setup
Elizabeth Fife
fifeeliz1 at hotmail.com
Mon May 27 21:28:32 CEST 2013
I have not edited or altered proxy.conf
It currently has the following format with only active lines shown (I removed commented lines for ease of viewing.)
# Proxy server configuration
proxy server {
default_fallback = no
}
home_server localhost {
type = auth
ipaddr = 127.0.0.1
port = 1812
secret = testing123
require_message_authenticator = yes
response_window = 20
zombie_period = 40
revive_interval = 120
status_check = status-server
check_interval = 30
max_outstanding = 65536
coa {
irt = 2
mrt = 16
mrc = 5
mrd = 30
}
}
home_server_pool my_auth_failover {
type = fail-over
home_server = localhost
}
realm example.com {
auth_pool = my_auth_failover
}
realm LOCAL {
}
PS Mohammed -if it helps i already used radtest user1 secret 192.168.0.93 1812 aaabbb and it works
BUT The output received following that command in response is TWO consecutive
rad_recv: Access-Accept packet....
FOllOWED by ONE
radclient: received response to request we did not send....
From: fifeeliz1 at hotmail.com
To: freeradius-users at lists.freeradius.org
Subject: RE: Testing failure during setup
Date: Mon, 27 May 2013 18:47:31 +0000
Both servers were installed from apt-get which presently gives you freeradius version 2.1.12 for ubuntu 13.04 servers
I used
apt-get -y install freeradius freeradius-common freeradius-mysql freeradius-utils freeradius-ldap libfreeradius2
(and
apt-get -y install mysql-client mysql-server
apt-get -y install php5 php-pear php5-gd php-DB)
When this did not work I then upgraded to the latest version 2.2.0 using PPA
I used
add-apt-repository ppa:freeradius/stable
apt-get -y update upgrade
PS if it helps radtest user1 secret 192.168.0.93 1812 aaabbb works
BUT Output received in response is TWO consecutive rad_recv: Access-Accept packet FOllOWED by one radclient: received response to request we did not send
PPS
> You'll not that I get cranky when people *don't* follow instructions.
> You have followed them. So clearly you're a wonderful person.
>
Praise from Cesar :)
> Date: Mon, 27 May 2013 09:20:53 -0400
> From: aland at deployingradius.com
> To: freeradius-users at lists.freeradius.org
> Subject: Re: Testing failure during setup
>
> Elizabeth Fife wrote:
> > I am ready for an earbending likely from Alan but for the record I have
> > read the debug and done as much searching as my brain can handle before
> > this post
>
> You'll not that I get cranky when people *don't* follow instructions.
> You have followed them. So clearly you're a wonderful person.
>
> > I have the added each machine as a client of the other for testing in
> > clients.conf they both have the shared secret aaabbb
>
> Which should work.
>
> In short, the server gets an Access-Request and processes it. The
> client doesn't like the reply.
>
> Both Access-Request and Access-Challenge contain
> Message-Authenticator. The server processes the Access-Request *only*
> when the Message-Authenticator is correct. Which in turn depends on the
> shared secret.
>
> So the shared secret is the same on both ends.
>
> But, the client doesn't like the reply from the server. Which has a
> Message-Authenticator created using the same secret.
>
> I'm not really sure what to suggest here. This kind of thing should
> *never* happen.
>
> Did you install both servers from apt-get?
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20130527/7682aa1e/attachment-0001.html>
More information about the Freeradius-Users
mailing list