FreeRadius not responding to requests from external host
Alan DeKok
aland at deployingradius.com
Wed Mar 9 16:26:04 UTC 2022
On Mar 9, 2022, at 10:58 AM, Darren Share <darren.share at chronos.uk> wrote:
> Hope someone can tell me where I’m going wrong here, because I’m stumped.
If FreeRADIUS isn't getting packets, then it's an OS issue.
If FreeRAIDUS is getting packets and complaining about "unknown client" or "invalid authenticator", then the clients.conf entry is missing or wrong.
There really are no other options.
> FR server is on 172.31.2.11. Firewalld turned off. FR responds perfectly to requests from an application running locally on the same server.
That's good.
> A copy of the same application on a server with IP 172.31.1.36 is not getting any response. The output of radiusd -X shows nothing, as if it didn’t receive a request, yet packets are arriving as per tcpdump:
That doesn't matter.
TCPdump looks at the packets deep in the OS network stack. i.e. it typically bypasses firewalls and other security systems.
> [root at tp11 raddb]# firewall-cmd --list-all
> FirewallD is not running
SeLinux is running, and is preventing FreeRADIUS from accepting packets.
> Complete output of radiusd -X:
>
> FreeRADIUS Version 3.0.13
Ugh. Why? We have up to date packages available at: http://packages.networkradius.com
Alan DeKok.
More information about the Freeradius-Users
mailing list