RADIUS Debugging

P.Thirunavukkarasu drthiruna at tanuvas.org.in
Tue Apr 5 13:09:52 UTC 2022


Hi Team,
Greetings of the day
Kindly help me in RADIUS debugging....
*Linux packetfence 5.10.0-11-amd64 #1 SMP Debian 5.10.92-1 (2022-01-18)
x86_64 (ZEN)*
I don't know how to debug the RADIUS in packetfence. As given in the
Installation guide I tried the debugging

*Herewith I am sending the RADIUS log*
Apr  4 00:00:02 packetfence auth[1288515]:
/usr/local/pf/raddb/auth.conf[19]: Error binding to port for 172.16.11.10
port 1812
Apr  4 00:00:06 packetfence auth[1288559]: Ignoring "response_window =
20.000000", forcing to "response_window = 10.000000"
Apr  4 00:00:06 packetfence auth[1288559]: Ignoring "response_window =
30.000000", forcing to "response_window = 10.000000"
Apr  4 00:00:06 packetfence auth[1288559]: Ignoring "response_window =
30.000000", forcing to "response_window = 10.000000"
Apr  4 00:00:06 packetfence auth[1288559]: Ignoring "response_window =
30.000000", forcing to "response_window = 10.000000"
Apr  4 00:00:06 packetfence auth[1288559]: Debugger not attached
Apr  4 00:00:06 packetfence auth[1288559]: systemd watchdog interval is
5.00 secs
Apr  4 00:00:06 packetfence auth[1288559]: rlm_sql (sql): Driver
rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
Apr  4 00:00:06 packetfence auth[1288559]: rlm_sql (pfguest): Driver
rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
Apr  4 00:00:06 packetfence auth[1288559]: rlm_sql (pfsponsor): Driver
rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
Apr  4 00:00:06 packetfence auth[1288559]: rlm_sql (pfsms): Driver
rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
Apr  4 00:00:06 packetfence auth[1288559]: rlm_sql (pflocal): Driver
rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
Apr  4 00:00:06 packetfence auth[1288559]: rlm_sql (sql_reject): Driver
rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
Apr  4 00:00:06 packetfence auth[1288559]: rlm_sql (sql_degraded): Driver
rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
Apr  4 00:00:06 packetfence auth[1288559]: Perl version: 5.32.0
Apr  4 00:00:06 packetfence auth[1288559]: Perl version: 5.32.0
Apr  4 00:00:06 packetfence auth[1288559]: Perl version: 5.32.0
Apr  4 00:00:06 packetfence auth[1288559]: Perl version: 5.32.0
Apr  4 00:00:06 packetfence auth[1288559]: Perl version: 5.32.0
Apr  4 00:00:06 packetfence auth[1288559]: rlm_redis: libhiredis version:
0.14.1
Apr  4 00:00:06 packetfence auth[1288559]: rlm_redis: libhiredis version:
0.14.1
Apr  4 00:00:06 packetfence auth[1288559]: rlm_rest: libcurl version:
libcurl/7.74.0 OpenSSL/1.1.1k zlib/1.2.11 brotli/1.0.9 libidn2/2.3.0
libpsl/0.21.0 (+libidn2/2.3.0) libssh2/1.9.0 nghttp2/1.43.0 librtmp/2.3
Apr  4 00:00:06 packetfence auth[1288559]: rlm_sql_mysql: libmysql version:
10.5.15
Apr  4 00:00:06 packetfence auth[1288559]: rlm_sql (sql): Attempting to
connect to database "pf"
Apr  4 00:00:06 packetfence auth[1288559]: rlm_sql (pfguest): Attempting to
connect to database "pf"
Apr  4 00:00:06 packetfence auth[1288559]: rlm_sql (pfsponsor): Attempting
to connect to database "pf"
Apr  4 00:00:06 packetfence auth[1288559]: rlm_sql (pfsms): Attempting to
connect to database "pf"
Apr  4 00:00:06 packetfence auth[1288559]: rlm_sql (pflocal): Attempting to
connect to database "pf"
Apr  4 00:00:06 packetfence auth[1288559]: rlm_sql (sql_reject):
groupmemb_query is empty.  Please delete it from the configuration
Apr  4 00:00:06 packetfence auth[1288559]: rlm_sql (sql_reject):
authorize_check_query is empty.  Please delete it from the configuration
Apr  4 00:00:06 packetfence auth[1288559]: rlm_sql (sql_reject): Attempting
to connect to database "pf"
Apr  4 00:00:06 packetfence auth[1288559]: rlm_sql (sql_degraded):
groupmemb_query is empty.  Please delete it from the configuration
Apr  4 00:00:06 packetfence auth[1288559]: rlm_sql (sql_degraded): Ignoring
read_groups as group_membership_query is not configured
Apr  4 00:00:06 packetfence auth[1288559]: rlm_sql (sql_degraded):
Attempting to connect to database "pf"
Apr  4 00:00:07 packetfence auth[1288559]: rlm_ldap: libldap vendor:
OpenLDAP, version: 20457
Apr  4 00:00:07 packetfence auth[1288559]:
[/usr/local/pf/raddb/mods-config/attr_filter/access_reject]:11 Check item
"FreeRADIUS-Response-Delay" found in filter list for realm "DEFAULT".
Apr  4 00:00:07 packetfence auth[1288559]:
[/usr/local/pf/raddb/mods-config/attr_filter/access_reject]:11 Check item
"FreeRADIUS-Response-Delay-USec" found in filter list for realm "DEFAULT".
Apr  4 00:00:07 packetfence auth[1288559]: Loaded virtual server <default>
Apr  4 00:00:07 packetfence auth[1288559]: Loaded virtual server status
Apr  4 00:00:07 packetfence auth[1288559]: Loaded virtual server
packetfence-tunnel
Apr  4 00:00:07 packetfence auth[1288559]: Loaded virtual server
packetfence-tunnel-fast
Apr  4 00:00:07 packetfence auth[1288559]: Loaded virtual server packetfence
Apr  4 00:00:07 packetfence auth[1288559]: Loaded virtual server pf-remote
Apr  4 00:00:07 packetfence auth[1288559]: Loaded virtual server pf.degraded
Apr  4 00:00:07 packetfence auth[1288559]: Loaded virtual server
packetfence-degraded-tunnel
Apr  4 00:00:07 packetfence auth[1288559]: Loaded virtual server
dynamic_clients
Apr  4 00:00:07 packetfence auth[1288559]: Loaded virtual server eduroam
Apr  4 00:00:07 packetfence auth[1288559]: Loaded virtual server
packetfence-cli

*Apr  4 00:00:07 packetfence auth[1288559]: Failed binding to auth address
172.16.11.10 port 1812 bound to server packetfence: Address already in
useApr  4 00:00:07 packetfence auth[1288559]:
/usr/local/pf/raddb/auth.conf[19]: Error binding to port for 172.16.11.10
port 1812*

I tried a lot to debug the RADIUS. But not able to succeed....

*freeradiud -X -d /usr/local/pf/raddb -n auth*
listen {
        type = "auth"
        virtual_server = "packetfence"
        ipaddr = 172.16.11.10
        port = 0
Failed binding to auth address 172.16.11.10 port 1812 bound to server
packetfence: Address already in use
/usr/local/pf/raddb/auth.conf[19]: Error binding to port for 172.16.11.10
port 1812

*freeradius -X -d /usr/local/pf/raddb -n acct*
acct: #### Opening IP addresses and Ports ####
listen {
        type = "acct"
        virtual_server = "packetfence"
        ipaddr = 172.16.11.10
        port = 0
Failed binding to acct address 172.16.11.10 port 1813 bound to server
packetfence: Address already in use
/usr/local/pf/raddb/acct.conf[8]: Error binding to port for 172.16.11.10
port 1813

The O/P shows that the port is already in use. Indicated that the RADIUS is
running by using the ports....

*root at packetfence:~# raddebug -t 300 -f /usr/local/pf/var/run/radiusd.sock*
radmin: Failed connecting to /usr/local/pf/var/run/radiusd.sock: No such
file or directory
Perhaps you need to run the commands:   cd /etc/raddb
        ln -s sites-available/control-socket sites-enabled/control-socket
and then re-start the server?

r*oot at packetfence:~# raddebug -t 300 -f
/usr/local/pf/var/run/radiusd-acct.sock*
radmin: Failed connecting to /usr/local/pf/var/run/radiusd-acct.sock: No
such file or directory
Perhaps you need to run the commands:   cd /etc/raddb
        ln -s sites-available/control-socket sites-enabled/control-socket
and then re-start the server?
Regards,
*Thirunavukkarasu*


More information about the Freeradius-Users mailing list