freeradius is not loading clients
Majed Zouhairy
m_zouhairy at ckta.by
Tue Jan 9 12:56:16 UTC 2024
On 1/9/24 14:55, Matthew Newton via Freeradius-Users wrote:
> On 09/01/2024 11:27, Majed Zouhairy wrote:
>> 121061: Jan 9 14:16:04.134: AAA/MEMORY: create_user (0x49EAF010)
>> user='donatello' ruser='NULL' ds0=0 port='' rem_addr='NULL'
>> authen_type=ASCII service=LOGIN priv=1 initial_task_id='0', vrf=
>> (id=0)No authoritative response from any server.
>> 4G-E-1st#
>> 121062: Jan 9 14:16:24.244: AAA/MEMORY: free_user (0x49EAF010)
>> user='donatello' ruser='NULL' port='' rem_addr='NULL'
>> authen_type=ASCII service=LOGIN priv=1 vrf= (id=0)
>>
>> telnet to radius server 22 port succeeds, to port 1812 fails says
>> telnet 10.16.11.12 1812
>> Trying 10.16.11.12, 1812 ...
>> % Destination unreachable; gateway or host down
>
> RADIUS on port 1812 is UDP. Telnet will never work.
>
>> why are packets not reaching the radius server even though it pings
>> from the switch?
>
> You have a firewall on the network or on the RADIUS server, or a switch
> ACL which is blocking UDP packets.
>
been working for years on this server and i never remembered that it has
a firewall, ... the Biden effect...
had to change:
aaa authorization exec default group TEST group UP if-authenticated
to:
aaa authorization exec default group UP if-authenticated
so the radius authorizes!
now i want to use /etc/passwd for usernames, but i read in the
documentation from 19 years ago, so i don't think it is relevant, anyone
has a clear how to in order to implement this?
More information about the Freeradius-Users
mailing list