Freeradius 3 and routers problem

alter1 alter1 at onet.pl
Mon Jan 19 20:58:29 CET 2015


Hello again,


I know it might sound impossible, but sometimes I have an idea that radius in certain moment sent some like "deauth" packet to radius clients on AP's and in this case those clients
dont talk to radius server anymore. Sorry I haven't so many time to read right RFC :-). So just ask :)

After rebooting AP's is the same as I described with radius server. It works for 30-60 minutes and then after another... after another...
A few hours ago I compiled my favorite distro - gentoo and emerge freeradius for this platform.

I flashed wrt54gl with dd-wrt firmware (for better testing client from linksys dd-wrt shell)
# radius-client test test 192.168.10.19 1812 link1
Accept

I repeated it every 2 hours and ... is still working without any problems. But because of nighttime I can prove it tomorrowe with real wifi clients.
I'll back soon

With regards,
MK

The only difference is that is net-dialup/freeradius-2.2.5 version - not 3 like in centos distr.

W dniu 2015-01-19 13:44:01 użytkownik Alan DeKok <aland at deployingradius.com> napisał:
> On Jan 19, 2015, at 6:29 AM, alter1 <alter1 at onet.pl> wrote:
> > I have a network: 3 soho wifi routers Dlink wrt54gl, wrt320n and Asus RT-AC52U. On each is the same configuration (wifi wpa2-enterprise with radius auth on 192.168.10.x server with 1812 port and secret key for each client)
> 
>   OK.  That should be simple enough.
> > 
> > Mon Jan 19 12:16:10 2015 : Auth: (80) Login OK: [test/<via Auth-Type = MSCHAP>] (from client rt-a1-1 port 0 via TLS tunnel)
> > Mon Jan 19 12:17:13 2015 : Auth: (85) Login OK: [test/<via Auth-Type = EAP>] (from client rt-a1-1 port 13 cli 8c3ae3XXXXXX)
> > And all works... But... Ater some period of time 30-60 minutes noone can connect to wifi on AP’s.
> 
>   That’s bad.
> 
> > I tried with alternative firmwares. Still the same.
> > After tcpdump connections I have nothing... That mean. I tcpdump iface (ens160) and cannot see ANY PACKETS from any AP's to radius server…
> 
>   Then the APs are broken.  When a user logs in, the APs should start doing RADIUS.
> 
> > Problem disappear after restart freeradius (systemctl restart radiusd.service).
> 
>   Restarting FreeRADIUS doesn’t cause the APs to start sending packets.  Something else is going on.
> 
>   What happens if you reboot the APs instead of FreeRADIUS?
> 
>   Alan DeKok.
> 
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> 





More information about the Freeradius-Users mailing list