Hi, new guy here… I can’t get a Juniper NAS to authenticate to FreeRadius.

The first thing I tried was a radtest of the local host (against /etc/passwd), which worked:

[EMAIL PROTECTED]:/home $ radtest username password 127.0.0.1:1812 1812 testing123
Sending Access-Request of id 122 to 127.0.0.1 port 1812
        User-Name = "username"
        User-Password = "password"
        NAS-IP-Address = 255.255.255.255
        NAS-Port = 1812
rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=122, length=20

And then I tried munging the password to make sure it got rejected, which it did.

[EMAIL PROTECTED]:/home $ radtest username wrong-password 127.0.0.1:1812 1812 testing123
Sending Access-Request of id 126 to 127.0.0.1 port 1812
        User-Name = "username"
        User-Password = "wrong-password"
        NAS-IP-Address = 255.255.255.255
        NAS-Port = 1812
rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=126, length=20

So then I tried it from the NAS and I get

[EMAIL PROTECTED] radius]# more radius.log
Mon Jul 10 16:22:15 2006 : Info: Using deprecated naslist file.  Support for this will go away soon.
Mon Jul 10 16:22:15 2006 : Info: rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Mon Jul 10 16:22:15 2006 : Info: Ready to process requests.
Tue Jul 11 09:25:29 2006 : Info: Reloading configuration files.
Tue Jul 11 09:25:29 2006 : Info: Using deprecated naslist file.  Support for this will go away soon.
Tue Jul 11 09:25:29 2006 : Info: rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Tue Jul 11 09:25:29 2006 : Info: Ready to process requests.
Wed Jul 12 15:29:05 2006 : Error: Ignoring request from unknown client 10.1.10.1:12000

And

[EMAIL PROTECTED] raddb]# /usr/local/sbin/radiusd -x
Starting - reading configuration files ...
Using deprecated naslist file.  Support for this will go away soon.
Module: Loaded exec
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
Module: Instantiated mschap (mschap)
Module: Loaded System
Module: Instantiated unix (unix)
Module: Loaded eap
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
rlm_eap: Loaded and initialized type gtc
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded preprocess
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
Module: Instantiated realm (suffix)
Module: Loaded files
Module: Instantiated files (files)
Module: Loaded Acct-Unique-Session-Id
Module: Instantiated acct_unique (acct_unique)
Module: Loaded detail
Module: Instantiated detail (detail)
Module: Loaded radutmp
Module: Instantiated radutmp (radutmp)
Initializing the thread pool...
Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests.
rad_recv: Access-Request packet from host 10.1.10.1:12004, id=183, length=69
Ignoring request from unknown client 10.1.10.1:12004
rad_recv: Access-Request packet from host 10.1.10.1:12004, id=184, length=69
Ignoring request from unknown client 10.1.10.1:12004

Clients.conf has the following appended to the included file:

client 10.1.10.1  {
       secret          = password
       shortname       = aaa
}

And I’ve tried both stop/start and kill 1 ‘cat the pid file’

So… what am I doing wrong?

Thanks!

Greg

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
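
A cross-check for the symptom in this post, as an added example that is not part of the original message: it lists each source address the server logged as an unknown client and reports whether the clients.conf text it is given contains a client block covering that address. The embedded config and log text are constructed samples modelled on the post (the 127.0.0.1 block and the 192.0.2.7 line are assumptions), and `parse_clients` and `triage` are hypothetical helper names.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample config; the second block is the one quoted in the post.
CLIENTS_CONF = """\
client 127.0.0.1 {
       secret          = testing123
}
client 10.1.10.1  {
       secret          = password
       shortname       = aaa
}
"""

# Constructed sample log lines in the format shown in the post.
RADIUS_LOG = """\
Wed Jul 12 15:29:05 2006 : Error: Ignoring request from unknown client 10.1.10.1:12000
Wed Jul 12 15:29:09 2006 : Error: Ignoring request from unknown client 10.1.10.1:12004
Wed Jul 12 15:31:40 2006 : Error: Ignoring request from unknown client 192.0.2.7:4001
"""

CLIENT_RE = re.compile(r"^\s*client\s+(\S+)\s*\{", re.MULTILINE)
UNKNOWN_RE = re.compile(r"Ignoring request from unknown client (\d+\.\d+\.\d+\.\d+):\d+")

def parse_clients(conf_text):
    """Return the IP networks named by `client <addr>[/len] {` blocks."""
    text = re.sub(r"#.*", "", conf_text)  # commented-out blocks do not count
    nets = []
    for name in CLIENT_RE.findall(text):
        try:
            nets.append(ipaddress.ip_network(name, strict=False))
        except ValueError:
            pass  # hostname-style client name; cannot be matched offline
    return nets

def triage(conf_text, log_text):
    """Map each rejected source IP to (hit count, covered by this file?)."""
    nets = parse_clients(conf_text)
    hits = Counter(UNKNOWN_RE.findall(log_text))
    return {ip: (n, any(ipaddress.ip_address(ip) in net for net in nets))
            for ip, n in hits.items()}

if __name__ == "__main__":
    for ip, (n, covered) in triage(CLIENTS_CONF, RADIUS_LOG).items():
        verdict = ("covered by this file, yet rejected by the running server"
                   if covered else "no client block covers this address")
        print(f"{ip}: {n} rejected request(s); {verdict}")
```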
