Freeradius 3.0.13-8.el7_4 and external syslog server

Nathan Ward lists+freeradius at daork.net
Mon Feb 26 09:48:00 CET 2018 

> On 26/02/2018, at 9:39 PM, Bram Assendorp <bramassendorp at gmail.com> wrote:
> 
> Hello Freeradius Users,
> 
> I have installed a freeradius server on Centos 7.
> 
> Now I want to have the freeradius messages forwarded to a external syslog
> server.

Can you be more specific here? Do you want the RADIUS messages (i.e. what is written to detail files) sent to syslog, or do you want FreeRADIUS daemon messages sent to syslog?

> Within the radiusd.conf I have changed the "logdir" and "destination"
> parameter to “syslog”

As you can see from your logs, changing logdir to “syslog” means it tries to write to a directory called “syslog”. Not sure why you changed that parameter as the documentation all around there is quite clear on what that parameter does, but, change it back.

> Also added the *.* @IPAddress:514 at the end of the rsyslog.conf file.
> 
> Restarted both the rsyslog and radiusd service, but then no client will
> authenticate.
> 
> I'm getting the following errors:
> 
> *--
> 
> 2018-02-26 08:46:48 Daemon.Debug servername.local Feb 26 08:46:48
> SERVERNAME radiusd[31843]: (0) auth_log: ERROR: Couldn't open file
> syslog/radacct/192.168.1.7/auth-detail-20180226: Failed to create directory
> syslog: Permission denied
> 2018-02-26 08:46:48 Daemon.Notice servername.local Feb 26 08:46:48
> SERVERNAME radiusd[31843]: (0) Invalid user (auth_log: Couldn't open file
> syslog/radacct/192.168.1.7/auth-detail-20180226: Failed to create directory
> syslog: Permission denied): [b8386116681f/b8386116681f] (from client
> SWITCHNAME port 50001 cli B8-38-61-16-68-1F)
> 2018-02-26 08:46:48 Daemon.Info servername.local Feb 26 08:46:48 SERVERNAME
> radiusd[31843]: Need 4 more connections to reach 10 spares
> 2018-02-26 08:46:48 Daemon.Info servername.local Feb 26 08:46:48 SERVERNAME
> radiusd[31843]: rlm_sql (SHBMSQL01): Opening additional connection (6), 1
> of 26 pending slots used
> 2018-02-26 08:46:57 Daemon.Debug servername.local Feb 26 08:46:57
> SERVERNAME radiusd[31843]: (1) auth_log: ERROR: Couldn't open file
> syslog/radacct/192.168.1.7/auth-detail-20180226: Failed to create directory
> syslog: Permission denied
> 2018-02-26 08:46:57 Daemon.Notice servername.local Feb 26 08:46:57
> SERVERNAME radiusd[31843]: (1) Invalid user (auth_log: Couldn't open file
> syslog/radacct/192.168.1.7/auth-detail-20180226: Failed to create directory
> syslog: Permission denied): [b8386116681f/b8386116681f] (from client
> SWITCHNAME port 50001 cli B8-38-61-16-68-1F)
> 2018-02-26 08:46:57 Daemon.Info servername.local Feb 26 08:46:57 SERVERNAME
> radiusd[31843]: Need 3 more connections to reach 10 spares
> 2018-02-26 08:46:57 Daemon.Info servername.local Feb 26 08:46:57 SERVERNAME
> radiusd[31843]: rlm_sql (SHBMSQL01): Opening additional connection (7), 1
> of 25 pending slots used
> 2018-02-26 08:47:13 Daemon.Error servername.local Feb 26 08:47:13
> SERVERNAME radiusd[31843]: Ignoring request to auth address * port 1812
> bound to server default from unknown client 192.168.1.192 port 1645 proto
> udp
> 2018-02-26 08:47:18 Daemon.Error servername.local Feb 26 08:47:18
> SERVERNAME radiusd[31843]: Ignoring request to auth address * port 1812
> bound to server default from unknown client 192.168.1.192 port 1645 proto
> udp
> 2018-02-26 08:47:23 Daemon.Error servername.local Feb 26 08:47:23
> SERVERNAME radiusd[31843]: Ignoring request to auth address * port 1812
> bound to server default from unknown client 192.168.1.192 port 1645 proto
> udp
> 2018-02-26 08:47:28 Daemon.Error servername.local Feb 26 08:47:28
> SERVERNAME radiusd[31843]: Ignoring request to auth address * port 1812
> bound to server default from unknown client 192.168.1.192 port 1645 proto
> udp
> 
> *--
> 
> Thank you for your help.
> 
> Kind Regards,
> 
> Bram.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list