Testing FreeRADIUS Locally
Raiya Al Rashdi
raiya at omren.om
Sun Jan 22 08:45:07 UTC 2023
Dear Matthew,
Thanks for your support,
> 3.0.13 is very old. I recommend you use the packages from http://packages.networkradius.com/
If it is a stable version, I prefer to keep it as it is for now, as this is a testing server and I have already configured it. Once it works, I will reimplement it with the newer version.
> As you are SP only you will need a test account on another eduroam system, "bob" won't work. Your national proxy provider should provide this.
I have tried to test the connection, but I got the error below. Kindly assist.
Sun Jan 22 12:12:53 2023 : Info: Ready to process requests
Sun Jan 22 12:14:16 2023 : Proxy: Marking home server 185.186.206.13 port 1812 as zombie (it has not responded in 30.000000 seconds).
Sun Jan 22 12:14:16 2023 : ERROR: (0) ERROR: Failing proxied request for user test at sarh.om, due to lack of any response from home server 185.186.206.13 port 1812
Sun Jan 22 12:14:20 2023 : Error: No response to status check 1 ID 160 for home server 185.186.206.13 port 1812
Sun Jan 22 12:14:46 2023 : Proxy: Marking home server 185.186.206.13 port 1812 as dead.
Sun Jan 22 12:14:50 2023 : Error: No response to status check 3 ID 18 for home server 185.186.206.13 port 1812
Sun Jan 22 12:15:22 2023 : Error: No response to status check 6 ID 5 for home server 185.186.206.13 port 1812
Sun Jan 22 12:15:54 2023 : Error: No response to status check 7 ID 87 for home server 185.186.206.13 port 1812
185.186.206.13 is the national proxy server, which is a radsecproxy server.
Below is proxy.conf:
proxy server {
    default_fallback = no
}

######################################################################
#
# This section defines a "Home Server" which is another RADIUS
# server that gets sent proxied requests.
#
# These are the FLR servers for OMREN
#
home_server eduroam.om {
    type = auth+acct
    ipaddr = 185.186.206.13
    secret = testsecret
    port = 1812
    status_check = status-server
}

######################################################################
#
# This section defines a pool of home servers that is used
# for fail-over and load-balancing.
home_server_pool EDUROAM {
    type = fail-over
    #
    # The order of the home_server entries in the pool is important.
    # In South Africa, you should put the one that's geographically
    # closest to you (i.e. has the lowest ping time/latency) at the
    # top of the list so you try it first.
    #
    home_server = eduroam.om
    virtual_server = eduroam
}

######################################################################
#
# This section defines a new-style "realm". Note that in version 2.0,
# there are many fewer configuration items than in 1.x for a realm.

# your local realms - leaving them blank stops them from ever being forwarded
realm LOCAL {
}

realm NULL {
    virtual_server = auth-reject
    nostrip
}

# The default destination for unknown realms - forward to the upstream FLR servers
# The regex version is required for f_ticks to log properly
realm "~.+$" {
    pool = EDUROAM
    nostrip
}
Regards,
Raiya
-----Original Message-----
From: Freeradius-Users <freeradius-users-bounces+raiya=omren.om at lists.freeradius.org> On Behalf Of Matthew Newton via Freeradius-Users
Sent: Tuesday, January 10, 2023 2:29 PM
To: freeradius-users at lists.freeradius.org
Cc: Matthew Newton <mcn at freeradius.org>
Subject: Re: Testing FreeRADIUS Locally
On 10/01/2023 10:16, Raiya Al Rashdi wrote:
> I am trying to activate eduroam SP using FreeRADIUS by following these instructions https://wiki.geant.org/display/H2eduroam/eduroam+SP, in centos 7 OS, I am new in FreeRADIUS actually.
3.0.13 is very old. I recommend you use the packages from http://packages.networkradius.com/
If you're just starting out, you would be good to start on a recent OS, as well.
> Failed binding to auth address * port 1812 bound to server eduroam: Address already in use
> /etc/raddb/sites-enabled/eduroam[3]: Error binding to port for 0.0.0.0 port 1812
The daemon is already running. You can't start a second one.
Stop the running daemon first:
service radiusd stop
then you can run in debug mode.
> Then, when I test bob user I got as below
>
> [root at localhost ~]# radtest bob password 127.0.0.1 100 testing123
eduroam uses EAP, you can't test with radtest. Use eapol_test from the
wpa_supplicant project.
As you are SP only you will need a test account on another eduroam
system, "bob" won't work. Your national proxy provider should provide this.
--
Matthew
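
The "status check" lines in the log above come from status_check = status-server, which makes the proxy send RADIUS Status-Server packets (RFC 5997) to the home server. As an added example that is not part of the original thread, this Python sketch builds such a packet and validates a reply, so that "no response at all" can be told apart from a reply that fails the shared-secret check. The function names are hypothetical; host, port and secret are whatever your own proxy.conf holds.

```python
import hashlib, hmac, os, socket, struct

STATUS_SERVER, ACCESS_ACCEPT, MESSAGE_AUTHENTICATOR = 12, 2, 80

def build_status_server(secret, ident, request_auth=None):
    """Status-Server packet with the mandatory Message-Authenticator attribute."""
    request_auth = request_auth or os.urandom(16)
    attr_head = bytes([MESSAGE_AUTHENTICATOR, 18])
    header = struct.pack("!BBH", STATUS_SERVER, ident, 20 + 18) + request_auth
    # HMAC-MD5 over the whole packet with the attribute value zeroed, keyed by the secret
    mac = hmac.new(secret, header + attr_head + bytes(16), hashlib.md5).digest()
    return header + attr_head + mac

def check_reply(reply, request, secret):
    """Classify a reply; only the Response Authenticator is verified here."""
    if len(reply) < 20:
        return "malformed"
    code, ident, length = struct.unpack("!BBH", reply[:4])
    if length != len(reply):
        return "malformed"
    if ident != request[1]:
        return "id-mismatch"
    # Response Authenticator = MD5(code+id+length + RequestAuth + attributes + secret)
    expected = hashlib.md5(reply[:4] + request[4:20] + reply[20:] + secret).digest()
    if not hmac.compare_digest(expected, reply[4:20]):
        return "bad-authenticator"  # the two ends disagree on the shared secret
    return "ok" if code == ACCESS_ACCEPT else "unexpected-code-%d" % code

def probe(host, port, secret, timeout=3.0):
    """Send one Status-Server over UDP and report what came back."""
    request = build_status_server(secret, os.urandom(1)[0])
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(request, (host, port))
        try:
            reply, _ = sock.recvfrom(4096)
        except socket.timeout:
            return "no-response"  # dropped, filtered, or not listening on UDP
    return check_reply(reply, request, secret)

if __name__ == "__main__":
    # Offline self-check with a constructed reply; call probe() against your own upstream.
    secret = b"testsecret"
    req = build_status_server(secret, 1)
    hdr = struct.pack("!BBH", ACCESS_ACCEPT, 1, 20)
    reply = hdr + hashlib.md5(hdr + req[4:20] + secret).digest()
    print(check_reply(reply, req, secret), check_reply(reply, req, b"wrong"))
```

A "no-response" result from probe() corresponds to the "No response to status check" lines in the log; "bad-authenticator" means a reply arrived but was computed with a different secret.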