8

I install the freeradius in Ubuntu 10 through apt-get.

after make the server running. the local test is valid:

yozloy@SNDA-192-168-21-78:/usr/bin$ echo "User-Name=testuser,Password=123456" | radclient 127.0.0.1:1812 auth testing123 -x
Sending Access-Request of id 245 to 127.0.0.1 port 1812
    User-Name = "testuser"
    Password = "0054444944"
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=245, length=20

But in the remote machine, it seems that there's no response from the radius server machine:

root@SNDA-192-168-14-131:/home/yozloy# echo "User-Name=testuser,Password=123456" | radclient 58.215.164.98:1812 auth testing123 -x
Sending Access-Request of id 36 to 58.215.164.98 port 1812
    User-Name = "testuser"
    Password = "0054444944"
Sending Access-Request of id 36 to 58.215.164.98 port 1812
    User-Name = "testuser"
    Password = "0054444944"
Sending Access-Request of id 36 to 58.215.164.98 port 1812
    User-Name = "testuser"
    Password = "0054444944"
radclient: no response from server for ID 36 socket 3

Here's my configure file:

clients.conf

client 58.215.164.98 {
        ipaddr = 58.215.164.98
        secret = testing123

        require_message_authenticator = no
}

users

testuser CLeartext-Password := "0054444944"

update the configure file(I'm not actually change anything) radiusd.conf

proxy_requests  = yes
$INCLUDE proxy.conf
$INCLUDE clients.conf
thread pool {
        start_servers = 5
        max_servers = 32
        min_spare_servers = 3
        max_spare_servers = 10
        max_requests_per_server = 0
}
modules {
        $INCLUDE ${confdir}/modules/
        $INCLUDE eap.conf
}
instantiate {
        exec
        expr
        expiration
        logintime
}
$INCLUDE policy.conf
$INCLUDE sites-enabled/

yozloy@SNDA-192-168-18-234:/etc/freeradius$ netstat -an
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN     
tcp        0      0 192.168.18.234:22       123.5.13.20:3274        ESTABLISHED
tcp6       0      0 :::22                   :::*                    LISTEN     
udp        0      0 0.0.0.0:1812            0.0.0.0:*                          
udp        0      0 0.0.0.0:1813            0.0.0.0:*                          
udp        0      0 0.0.0.0:1814            0.0.0.0:*                          
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags       Type       State         I-Node   Path
unix  4      [ ]         DGRAM                    2838     /dev/log
unix  2      [ ACC ]     STREAM     LISTENING     2166     @/com/ubuntu/upstart
unix  2      [ ]         DGRAM                    2272     @/org/kernel/udev/udevd
unix  3      [ ]         STREAM     CONNECTED     3351     
unix  3      [ ]         STREAM     CONNECTED     3350     
unix  2      [ ]         DGRAM                    3173     
unix  2      [ ]         DGRAM                    2893     
unix  3      [ ]         DGRAM                    2304     
unix  3      [ ]         DGRAM                    2303     
unix  3      [ ]         STREAM     CONNECTED     2256     @/com/ubuntu/upstart
unix  3      [ ]         STREAM     CONNECTED     2255  
mko
  • 21,334
  • 49
  • 130
  • 191
  • 1
    Could you please update with your freeradius configuration files? Is your server listening correctly on correct IP / Port ? Isn't freerad blocked by firewall ? – castor Apr 20 '12 at 07:11
  • 1
    castor I've updated the radiusd.conf file. I hope this is the configuration file that you want. And I'm sure the port 1812 is open through the firewall – mko Apr 21 '12 at 07:01
  • sorry for delayed reply, but, could you please also give me output of netstat -ln ? – castor Apr 21 '12 at 18:35
  • castor i've updated the netstat log, I noticed there's no listening in the status section for the 1812 port which should be the freeradius socket. By the way, I installed freeradius from apt in ubuntu, because I can't find raidiusd executable, All I got is /etc/init.d/freeradius, so I made this daemon start. – mko Apr 22 '12 at 07:52

1 Answers1

1

Correct me if I am wrong but, IP address of SNDA-192-168-14-131 against your RADIUS server (SNDA-192-168-21-78) is not 58.215.164.98, is it ? If it is not, that is your answer. You RADIUS server will only work against NAS configured in clients.conf with correct secrets.

Try adding 192.168.14.131 (if it is that host's IP address) to clients.conf and try then.

castor
  • 585
  • 2
  • 8
  • castor actually the the ip part of `SNDA-192-168-14-131` is the local ip of the vps service and it's public ip is what I write in the clients.conf – mko Apr 23 '12 at 09:26
  • Does the NAS (VPS) server communicates with RADIUS using 192.168.0.0/16 range ? If yes, change it in clients.conf. Your NAS(VPS) server is probably presented to your RADIUS server using that local IP. Not that public one. So you have to change it. – castor Apr 23 '12 at 14:46
  • I do have same problem it used to work but not anymore I do remember I read somewhere is is to do with hots name..not sure and still trying to find why it is not working – user2912312 Oct 20 '14 at 21:00