Converting from GNU radius for a computone Client and an OpenVPN client using port 1645

Fri Jun 19 18:29:32 CEST 2020

On Fri, Jun 19, 2020 at 11:19:19AM -0400, Alan DeKok wrote:
> On Jun 17, 2020, at 12:14 AM, The Doctor via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
> > 
> > Currently I wish to convert from GNU radius to Free Radius.
> 
>   Nice!  I never understood GNU radius.  It seemed to be a one-person project to get the *GNU* stamp on a RADIUS server.
> 
>   i.e. the GNU people don't like GPL code.  They like code that THEY own.  <sigh>

Yet I can get this to work on FreeBSD 12.1 and it was comiple on FreeBSD 10!

> 
> > What is needed to convert this to Freeradius 3?
> 
>   Well... you need to read the FreeRADIUS documentation and see how things relate.
> 
>   FreeRADIUS has a "hints" file.  it has a "users" file.  It has a "clients" file in clients.conf.  It has realms defined in proxy.conf.
> 
>   We don't have a detailed "howto" guide on converting from GNU RADIUS to FreeRADIUS.  GNU RADIUS was used by only a small number of people, and the project has been dead for over 10 years.
> 
>   I suggest going through the FreeRADIUS documents, and setting things up slowly.  The configuration files are well documented.  Just read them, and fill things in.

Well I have been and the result so far has been

Wed Jun 17 19:34:12 2020 : Debug: Waking up in 3.9 seconds.
Wed Jun 17 19:34:16 2020 : Debug: (0) Cleaning up request packet ID 1 with timestamp +41
Wed Jun 17 19:34:16 2020 : Info: Ready to process requests
Wed Jun 17 19:34:20 2020 : Debug: Waking up in 0.3 seconds.
Wed Jun 17 19:34:20 2020 : Debug: Thread 2 got semaphore
Wed Jun 17 19:34:20 2020 : Debug: Thread 2 handling request 1, (1 handled so far)
Wed Jun 17 19:34:20 2020 : Debug: (1) Received Access-Request Id 2 from 204.209.81.4:1278 to 204.209.81.1:1645 length 56
Wed Jun 17 19:34:20 2020 : Debug: (1)   User-Name = "user from /etc/passwd setup"
Wed Jun 17 19:34:20 2020 : Debug: (1)   User-Password = "password from /etc/passwd setup"
Wed Jun 17 19:34:20 2020 : Debug: (1)   NAS-IP-Address = 192.168.5.4
Wed Jun 17 19:34:20 2020 : Debug: (1)   NAS-Port = 20
Wed Jun 17 19:34:20 2020 : Debug: (1) session-state: No State attribute
Wed Jun 17 19:34:20 2020 : Debug: (1) Empty authorize section.  Using default return values.
Wed Jun 17 19:34:20 2020 : ERROR: (1) No Auth-Type found: rejecting the user via Post-Auth-Type = Reject
Wed Jun 17 19:34:20 2020 : Debug: (1) Failed to authenticate the user
Wed Jun 17 19:34:20 2020 : Debug: (1) Using Post-Auth-Type Reject
Wed Jun 17 19:34:20 2020 : Debug: (1) Post-Auth-Type sub-section not found.  Ignoring.
Wed Jun 17 19:34:20 2020 : Debug: (1) Delaying response for 1.000000 seconds
Wed Jun 17 19:34:20 2020 : Debug: Thread 2 waiting to be assigned a request
Wed Jun 17 19:34:20 2020 : Debug: Waking up in 0.6 seconds.
Wed Jun 17 19:34:21 2020 : Debug: (1) Sending delayed response
Wed Jun 17 19:34:21 2020 : Debug: (1) Sent Access-Reject Id 2 from 204.209.81.1:1645 to 204.209.81.4:1278 length 20
Wed Jun 17 19:34:21 2020 : Debug: Waking up in 3.9 seconds.
Wed Jun 17 19:34:25 2020 : Debug: (1) Cleaning up request packet ID 2 with timestamp +50
Wed Jun 17 19:34:25 2020 : Info: Ready to process requests

And I am going, all right should I migrate or stay with GNU radius?

> 
> > Openvpn radius plugin will assume to be not adjusted.
> 
>   I don't know what that is, so I don't know.
>

All right.

>   Alan DeKok.
> 
> 

-- 
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising!
nk.ca started 1 June 1995 . https://www.empire.kred/ROOTNK?t=94a1f39b  
Better shun the bait, than struggle in the snare.  -John Dryden