Proxy issue - Failing proxied request for user error
Alan DeKok
aland at deployingradius.com
Thu Jul 18 00:43:58 CEST 2019
On Jul 17, 2019, at 4:25 PM, James Wood <james.wood at purplewifi.com> wrote:
>
> There is no firewall on the box itself (all UDP to 1812/1813 open publicly)
> and the strange thing is that the majority of packets are handled fine by
> FreeRADIUS (the ones that reach the daemon).
That's good.
> So, it appears although tcdump and radsniff shows the packet arriving, it
> never gets to FreeRADIUS for some reason.
That's usually an OS problem. Not sure why it's happening, tho.
> radsniff log (filtered for `norsp`)
>
> norsp,7798,2019-07-16
> 23:08:43.462979,,Accounting-Request,ens4,1.2.3.4,41060,10.11.12.13,1813,125,"2a19172c7fc7"
> norsp,7799,2019-07-16
> 23:08:43.463001,,Accounting-Request,ens4,1.2.3.4,36239,10.11.12.13,1813,13,"63b8136755ec"
> norsp,7800,2019-07-16
> 23:08:43.463112,,Accounting-Request,ens4,1.2.3.4,38841,10.11.12.13,1813,125,"033c1a03cbdd"
> norsp,7801,2019-07-16
> 23:08:43.463159,,Accounting-Request,ens4,1.2.3.4,38841,10.11.12.13,1813,241,"b9790286e557"
> norsp,7802,2019-07-16
> 23:08:43.463331,,Accounting-Request,ens4,1.2.3.4,39990,10.11.12.13,1813,66,"710250b69ee0"
> norsp,7803,2019-07-16
> 23:08:43.463454,,Accounting-Request,ens4,1.2.3.4,39990,10.11.12.13,1813,208,"b940c9c76e96"
> norsp,7804,2019-07-16
> 23:08:43.463632,,Accounting-Request,ens4,1.2.3.4,38841,10.11.12.13,1813,187,"5ca284fb563e"
> norsp,9042,2019-07-16
> 23:08:45.972261,,Accounting-Request,ens4,1.2.3.4,39990,10.11.12.13,1813,218,"2f5a67f71993"
> norsp,9043,2019-07-16
> 23:08:45.972353,,Accounting-Request,ens4,1.2.3.4,39990,10.11.12.13,1813,13,"5e26718c4442"
> norsp,9044,2019-07-16
> 23:08:45.972406,,Accounting-Request,ens4,1.2.3.4,39990,10.11.12.13,1813,15,"273bcbb553c8"
> norsp,9045,2019-07-16
> 23:08:45.972514,,Accounting-Request,ens4,1.2.3.4,36239,10.11.12.13,1813,113,"b84e7246b3e3"
> norsp,12595,2019-07-16
> 23:08:49.990914,,Accounting-Request,ens4,1.2.3.4,38841,10.11.12.13,1813,51,"51683f17d039"
>
> So they DO reach the server, but DONT get processed for some reason.
Well, no. The packets get into the network stack, but don't get to the server.
Alan DeKok.
More information about the Freeradius-Users
mailing list