Authenticating wifi users via mysqldb

Arran Cudbard-Bell a.cudbardb at freeradius.org
Mon Jan 27 03:17:23 CET 2014


On 27 Jan 2014, at 01:23, Winston McDowell <winston.mcd99 at gmail.com> wrote:

> I tried setting up freeradius with mysql based on the information from the wiki site.
> 
> I can run radtest from the command line and authenticate a user in the database.
> 
> Every attempt via wifi generates the error "Ignoring requests to authentication address * port 1812 from unknown client 192.168.226.248 port 58245"

* Ignoring (which in this case also means discarding)
* Requests (most likely RADIUS requests as this is a RADIUS server)
* to authentication address * (i.e. the address the server expects to receive authentication requests on, the * in this case is a wildcard, meaning all local IP addresses are authentication addresses)
* port 1812 (the port the server is listening on)
* unknown client (means the server doesn't recognise the client)
* 192.168.226.248 (the IP address of the unknown client)
* port 58245 (the src port of the packet from the unknown client).

So we know the server is discarding requests on it's authentication interface, from unknown clients. Would it help if I told you the fact that the client is unknown is not a coincidence? In fact there is a direct causal relationship here. I know it might not be obvious from reading the message, but the reason why the server is ignoring the request is precisely because of the client's 'unknownness'.

Would defining extra users help? Probably not, as they're users, not clients. Clients in this case being NAS (Network Access Servers), the things that act as intermediaries between the users and the RADIUS servers.

What you need to do to make this work is to inform the server of the clients existence and thus authorize it to communicate with the server.

There are a few ways to do that, but the simplest is probably adding an entry in raddb/clients.conf.

Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140127/f768ef6d/attachment-0001.pgp>


More information about the Freeradius-Users mailing list