Acess reject dropped by freeradius

sai ram sairam.nat at gmail.com
Fri Jul 3 14:42:35 CEST 2015 

Hi,

        My problem is i am not getting Access-Reject from freeradius to
jradius.

        When i give correct credentials for a user authentication i am
correctly getting Access-Accept packet from freeradius to jradius.

        But when i give correct credentials for a user authentication i am
not getting Access-Reject packet from freeradius to jradius, even though
reject packet has come from the ground.


        I am pasting sample logs.


        *For Access-Accept:*
rad_recv: Access-Request packet from host 127.0.0.1 port 39829, id=27,
length=167
.........
rad_recv: Access-Accept packet from host x.x.x.x port 1812, id=90,
length=153
.........
# Executing section post-proxy from file /..../raddb/sites-enabled/default
+group post-proxy {
[eap] No pre-existing handler found
++[eap] = noop
rlm_jradius: Reserving JRadius socket id: 2
.........
rlm_jradius: Released JRadius socket id: 2
++[jradius] = updated
+} # group post-proxy = updated
Found Auth-Type = Accept
Auth-Type = Accept, accepting the user
# Executing section post-auth from file /..../raddb/sites-enabled/default
+group post-auth {
++[exec] = noop
rlm_jradius: Reserving JRadius socket id: 1
.........
rlm_jradius: Released JRadius socket id: 1
++[jradius] = updated
+} # group post-auth = updated
Sending Access-Accept of id 27 to 127.0.0.1 port 39829
        ........
Finished request 0.

     * For Access-Reject:*
rad_recv: Access-Request packet from host 127.0.0.1 port 47732, id=18,
length=167
.............
rad_recv: Access-Reject packet from host x.x.x.x port 1812, id=114,
length=27
............
Going to the next request
Waking up in 0.9 seconds.
Cleaning up request 0 ID 18 with timestamp +285
Ready to process requests.

          * There is no sending the access reject back to host 127.0.0.1
port 47732.*


        *   I am getting access reject when i test my radius configuration
with radclient.*


          Is there some configuration for freeradius to send access reject
packets to jradius?

          Please help me with this.


Regards,
Sairam


On 11 March 2015 at 22:41, Alan DeKok <aland at deployingradius.com> wrote:

> On Mar 11, 2015, at 1:09 PM, sai ram <sairam.nat at gmail.com> wrote:
>
> > Hi,
> >
> >          I am using freeradius 2.2.1
> >          Whenever I use wrong credentials, NAS sends access reject.
>
>   A NAS doesn’t send Access-Reject.
>
> >          Access reject packet is received when I do a packet capture.
> >          But freeradius doesn't acknowledge access reject the same way it
> > does for access accept.
> >
> >         I changed reject_delay parameter to 0. But I still don't receive
> > the access reject from freeradius.
>
>   Is FreeRADIUS sending Access-Reject or is the NAS sending it?
>
>   And have you tried running the server in debugging mode?
>
> >         So every time wrong credentials is entered, I get time out
> instead
> > of access reject.
> >
> >         Is there some other configuration is need to change ?
>
>   I have no idea.
>
>   I don’t know what you’re doing, so it’s hard to answer your question.
>
>   Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list