Acess reject dropped by freeradius
sai ram
sairam.nat at gmail.com
Fri Jul 3 14:42:35 CEST 2015
Hi,
My problem is i am not getting Access-Reject from freeradius to
jradius.
When i give correct credentials for a user authentication i am
correctly getting Access-Accept packet from freeradius to jradius.
But when i give correct credentials for a user authentication i am
not getting Access-Reject packet from freeradius to jradius, even though
reject packet has come from the ground.
I am pasting sample logs.
*For Access-Accept:*
rad_recv: Access-Request packet from host 127.0.0.1 port 39829, id=27,
length=167
.........
rad_recv: Access-Accept packet from host x.x.x.x port 1812, id=90,
length=153
.........
# Executing section post-proxy from file /..../raddb/sites-enabled/default
+group post-proxy {
[eap] No pre-existing handler found
++[eap] = noop
rlm_jradius: Reserving JRadius socket id: 2
.........
rlm_jradius: Released JRadius socket id: 2
++[jradius] = updated
+} # group post-proxy = updated
Found Auth-Type = Accept
Auth-Type = Accept, accepting the user
# Executing section post-auth from file /..../raddb/sites-enabled/default
+group post-auth {
++[exec] = noop
rlm_jradius: Reserving JRadius socket id: 1
.........
rlm_jradius: Released JRadius socket id: 1
++[jradius] = updated
+} # group post-auth = updated
Sending Access-Accept of id 27 to 127.0.0.1 port 39829
........
Finished request 0.
* For Access-Reject:*
rad_recv: Access-Request packet from host 127.0.0.1 port 47732, id=18,
length=167
.............
rad_recv: Access-Reject packet from host x.x.x.x port 1812, id=114,
length=27
............
Going to the next request
Waking up in 0.9 seconds.
Cleaning up request 0 ID 18 with timestamp +285
Ready to process requests.
* There is no sending the access reject back to host 127.0.0.1
port 47732.*
* I am getting access reject when i test my radius configuration
with radclient.*
Is there some configuration for freeradius to send access reject
packets to jradius?
Please help me with this.
Regards,
Sairam
On 11 March 2015 at 22:41, Alan DeKok <aland at deployingradius.com> wrote:
> On Mar 11, 2015, at 1:09 PM, sai ram <sairam.nat at gmail.com> wrote:
>
> > Hi,
> >
> > I am using freeradius 2.2.1
> > Whenever I use wrong credentials, NAS sends access reject.
>
> A NAS doesn’t send Access-Reject.
>
> > Access reject packet is received when I do a packet capture.
> > But freeradius doesn't acknowledge access reject the same way it
> > does for access accept.
> >
> > I changed reject_delay parameter to 0. But I still don't receive
> > the access reject from freeradius.
>
> Is FreeRADIUS sending Access-Reject or is the NAS sending it?
>
> And have you tried running the server in debugging mode?
>
> > So every time wrong credentials is entered, I get time out
> instead
> > of access reject.
> >
> > Is there some other configuration is need to change ?
>
> I have no idea.
>
> I don’t know what you’re doing, so it’s hard to answer your question.
>
> Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list