>> I am running freeradius 2.1.10 on Debian 6.0.3. >> >> What startup script in Debian starts freeradius? I would like to add the >> -X option to it. >> >> My first problem is I can't get radtest to work. The only thing I have >> modified is the User file. I searched the FAQs and maillist archives to no >> avail. >> >> Top lines in User file: >> bob Cleartext-Password := "hello" >> Reply-Message = "Hello, BOB" >> testing Cleartext-Password := "password" >> Reply-Message = "Testing in Progress" >> # >> >> My radtest: >> root@Mikado:/etc/freeradius# radtest bob hello localhost 0 testing123 >> Sending Access-Request of id 171 to 127.0.0.1 port 1812 >> User-Name = "bob" >> User-Password = "hello" >> NAS-IP-Address = 10.56.1.11 >> NAS-Port = 0 >> radclient: Failed to send packet for ID 171: (unknown error) >> Sending Access-Request of id 171 to 127.0.0.1 port 1812 >> User-Name = "bob" >> User-Password = "hello" >> NAS-IP-Address = 10.56.1.11 >> NAS-Port = 0 >> radclient: Failed to send packet for ID 171: (unknown error) >> Sending Access-Request of id 171 to 127.0.0.1 port 1812 >> User-Name = "bob" >> User-Password = "hello" >> NAS-IP-Address = 10.56.1.11 >> NAS-Port = 0 >> radclient: Failed to send packet for ID 171: (unknown error) >> radclient: no response from server for ID 171 socket 3 >> >> >> Debug output: >> >> FreeRADIUS Version 2.1.10, for host i486-pc-kfreebsd-gnu, built on Nov 15 >> 2010 at 09:02:02 >> Copyright (C) 1999-2009 The FreeRADIUS server project and contributors. >> There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A >> PARTICULAR PURPOSE. >> You may redistribute copies of FreeRADIUS under the terms of the >> GNU General Public License v2. >> Starting - reading configuration files ... >> including configuration file /etc/freeradius/radiusd.conf >> including configuration file /etc/freeradius/proxy.conf >> including configuration file /etc/freeradius/clients.conf >> including files in directory /etc/freeradius/modules/ >> including configuration file /etc/freeradius/modules/always >> including configuration file /etc/freeradius/modules/attr_filter >> including configuration file /etc/freeradius/modules/attr_rewrite >> including configuration file /etc/freeradius/modules/chap >> including configuration file /etc/freeradius/modules/checkval >> including configuration file /etc/freeradius/modules/counter >> including configuration file /etc/freeradius/modules/cui >> including configuration file /etc/freeradius/modules/detail >> including configuration file /etc/freeradius/modules/detail.example.com >> including configuration file /etc/freeradius/modules/detail.log >> including configuration file /etc/freeradius/modules/digest >> including configuration file /etc/freeradius/modules/dynamic_clients >> including configuration file /etc/freeradius/modules/echo >> including configuration file /etc/freeradius/modules/etc_group >> including configuration file /etc/freeradius/modules/exec >> including configuration file /etc/freeradius/modules/expiration >> including configuration file /etc/freeradius/modules/expr >> including configuration file /etc/freeradius/modules/files >> including configuration file /etc/freeradius/modules/inner-eap >> including configuration file /etc/freeradius/modules/ippool >> including configuration file /etc/freeradius/modules/krb5 >> including configuration file /etc/freeradius/modules/ldap >> including configuration file /etc/freeradius/modules/linelog >> including configuration file /etc/freeradius/modules/logintime >> including configuration file /etc/freeradius/modules/mac2ip >> including configuration file /etc/freeradius/modules/mschap >> including configuration file /etc/freeradius/modules/mac2vlan >> including configuration file /etc/freeradius/modules/ntlm_auth >> including configuration file /etc/freeradius/modules/opendirectory >> including configuration file /etc/freeradius/modules/otp >> including configuration file /etc/freeradius/modules/pam >> including configuration file /etc/freeradius/modules/pap >> including configuration file /etc/freeradius/modules/passwd >> including configuration file /etc/freeradius/modules/perl >> including configuration file /etc/freeradius/modules/policy >> including configuration file /etc/freeradius/modules/preprocess >> including configuration file /etc/freeradius/modules/radutmp >> including configuration file /etc/freeradius/modules/realm >> including configuration file /etc/freeradius/modules/smbpasswd >> including configuration file /etc/freeradius/modules/smsotp >> including configuration file /etc/freeradius/modules/sql_log >> including configuration file >> /etc/freeradius/modules/sqlcounter_expire_on_login >> including configuration file /etc/freeradius/modules/sradutmp >> including configuration file /etc/freeradius/modules/unix >> including configuration file /etc/freeradius/modules/wimax >> including configuration file /etc/freeradius/modules/acct_unique >> including configuration file /etc/freeradius/eap.conf >> including configuration file /etc/freeradius/policy.conf >> including files in directory /etc/freeradius/sites-enabled/ >> including configuration file /etc/freeradius/sites-enabled/default >> including configuration file /etc/freeradius/sites-enabled/inner-tunnel >> main { >> user = "freerad" >> group = "freerad" >> allow_core_dumps = no >> } >> including dictionary file /etc/freeradius/dictionary >> main { >> prefix = "/usr" >> localstatedir = "/var" >> logdir = "/var/log/freeradius" >> libdir = "/usr/lib/freeradius" >> radacctdir = "/var/log/freeradius/radacct" >> hostname_lookups = no >> max_request_time = 30 >> cleanup_delay = 5 >> max_requests = 1024 >> pidfile = "/var/run/freeradius/freeradius.pid" >> checkrad = "/usr/sbin/checkrad" >> debug_level = 0 >> proxy_requests = yes >> log { >> stripped_names = no >> auth = no >> auth_badpass = no >> auth_goodpass = no >> } >> security { >> max_attributes = 200 >> reject_delay = 1 >> status_server = yes >> } >> } >> radiusd: #### Loading Realms and Home Servers #### >> proxy server { >> retry_delay = 5 >> retry_count = 3 >> default_fallback = no >> dead_time = 120 >> wake_all_if_all_dead = no >> } >> home_server localhost { >> ipaddr = 127.0.0.1 >> port = 1812 >> type = "auth" >> secret = "testing123" >> response_window = 20 >> max_outstanding = 65536 >> require_message_authenticator = yes >> zombie_period = 40 >> status_check = "status-server" >> ping_interval = 30 >> check_interval = 30 >> num_answers_to_alive = 3 >> num_pings_to_alive = 3 >> revive_interval = 120 >> status_check_timeout = 4 >> irt = 2 >> mrt = 16 >> mrc = 5 >> mrd = 30 >> } >> home_server_pool my_auth_failover { >> type = fail-over >> home_server = localhost >> } >> realm example.com { >> auth_pool = my_auth_failover >> } >> realm LOCAL { >> } >> radiusd: #### Loading Clients #### >> client localhost { >> ipaddr = 127.0.0.1 >> require_message_authenticator = no >> secret = "testing123" >> nastype = "other" >> } >> radiusd: #### Instantiating modules #### >> instantiate { >> Module: Linked to module rlm_exec >> Module: Instantiating module "exec" from file >> /etc/freeradius/modules/exec >> exec { >> wait = no >> input_pairs = "request" >> shell_escape = yes >> } >> Module: Linked to module rlm_expr >> Module: Instantiating module "expr" from file >> /etc/freeradius/modules/expr >> Module: Linked to module rlm_expiration >> Module: Instantiating module "expiration" from file >> /etc/freeradius/modules/expiration >> expiration { >> reply-message = "Password Has Expired " >> } >> Module: Linked to module rlm_logintime >> Module: Instantiating module "logintime" from file >> /etc/freeradius/modules/logintime >> logintime { >> reply-message = "You are calling outside your allowed timespan " >> minimum-timeout = 60 >> } >> } >> radiusd: #### Loading Virtual Servers #### >> server inner-tunnel { # from file >> /etc/freeradius/sites-enabled/inner-tunnel >> modules { >> Module: Checking authenticate {...} for more modules to load >> Module: Linked to module rlm_pap >> Module: Instantiating module "pap" from file /etc/freeradius/modules/pap >> pap { >> encryption_scheme = "auto" >> auto_header = no >> } >> Module: Linked to module rlm_chap >> Module: Instantiating module "chap" from file >> /etc/freeradius/modules/chap >> Module: Linked to module rlm_mschap >> Module: Instantiating module "mschap" from file >> /etc/freeradius/modules/mschap >> mschap { >> use_mppe = yes >> require_encryption = no >> require_strong = no >> with_ntdomain_hack = no >> } >> Module: Linked to module rlm_unix >> Module: Instantiating module "unix" from file >> /etc/freeradius/modules/unix >> unix { >> radwtmp = "/var/log/freeradius/radwtmp" >> } >> Module: Linked to module rlm_eap >> Module: Instantiating module "eap" from file /etc/freeradius/eap.conf >> eap { >> default_eap_type = "md5" >> timer_expire = 60 >> ignore_unknown_eap_types = no >> cisco_accounting_username_bug = no >> max_sessions = 4096 >> } >> Module: Linked to sub-module rlm_eap_md5 >> Module: Instantiating eap-md5 >> Module: Linked to sub-module rlm_eap_leap >> Module: Instantiating eap-leap >> Module: Linked to sub-module rlm_eap_gtc >> Module: Instantiating eap-gtc >> gtc { >> challenge = "Password: " >> auth_type = "PAP" >> } >> Module: Linked to sub-module rlm_eap_tls >> Module: Instantiating eap-tls >> tls { >> rsa_key_exchange = no >> dh_key_exchange = yes >> rsa_key_length = 512 >> dh_key_length = 512 >> verify_depth = 0 >> CA_path = "/etc/freeradius/certs" >> pem_file_type = yes >> private_key_file = "/etc/freeradius/certs/server.key" >> certificate_file = "/etc/freeradius/certs/server.pem" >> CA_file = "/etc/freeradius/certs/ca.pem" >> private_key_password = "whatever" >> dh_file = "/etc/freeradius/certs/dh" >> random_file = "/dev/urandom" >> fragment_size = 1024 >> include_length = yes >> check_crl = no >> cipher_list = "DEFAULT" >> make_cert_command = "/etc/freeradius/certs/bootstrap" >> cache { >> enable = no >> lifetime = 24 >> max_entries = 255 >> } >> verify { >> } >> } >> Module: Linked to sub-module rlm_eap_ttls >> Module: Instantiating eap-ttls >> ttls { >> default_eap_type = "md5" >> copy_request_to_tunnel = no >> use_tunneled_reply = no >> virtual_server = "inner-tunnel" >> include_length = yes >> } >> Module: Linked to sub-module rlm_eap_peap >> Module: Instantiating eap-peap >> peap { >> default_eap_type = "mschapv2" >> copy_request_to_tunnel = no >> use_tunneled_reply = no >> proxy_tunneled_request_as_eap = yes >> virtual_server = "inner-tunnel" >> } >> Module: Linked to sub-module rlm_eap_mschapv2 >> Module: Instantiating eap-mschapv2 >> mschapv2 { >> with_ntdomain_hack = no >> } >> Module: Checking authorize {...} for more modules to load >> Module: Linked to module rlm_realm >> Module: Instantiating module "suffix" from file >> /etc/freeradius/modules/realm >> realm suffix { >> format = "suffix" >> delimiter = "@" >> ignore_default = no >> ignore_null = no >> } >> Module: Linked to module rlm_files >> Module: Instantiating module "files" from file >> /etc/freeradius/modules/files >> files { >> usersfile = "/etc/freeradius/users" >> acctusersfile = "/etc/freeradius/acct_users" >> preproxy_usersfile = "/etc/freeradius/preproxy_users" >> compat = "no" >> } >> Module: Checking session {...} for more modules to load >> Module: Linked to module rlm_radutmp >> Module: Instantiating module "radutmp" from file >> /etc/freeradius/modules/radutmp >> radutmp { >> filename = "/var/log/freeradius/radutmp" >> username = "%{User-Name}" >> case_sensitive = yes >> check_with_nas = yes >> perm = 384 >> callerid = yes >> } >> Module: Checking post-proxy {...} for more modules to load >> Module: Checking post-auth {...} for more modules to load >> Module: Linked to module rlm_attr_filter >> Module: Instantiating module "attr_filter.access_reject" from file >> /etc/freeradius/modules/attr_filter >> attr_filter attr_filter.access_reject { >> attrsfile = "/etc/freeradius/attrs.access_reject" >> key = "%{User-Name}" >> } >> } # modules >> } # server >> server { # from file /etc/freeradius/radiusd.conf >> modules { >> Module: Checking authenticate {...} for more modules to load >> Module: Linked to module rlm_digest >> Module: Instantiating module "digest" from file >> /etc/freeradius/modules/digest >> Module: Checking authorize {...} for more modules to load >> Module: Linked to module rlm_preprocess >> Module: Instantiating module "preprocess" from file >> /etc/freeradius/modules/preprocess >> preprocess { >> huntgroups = "/etc/freeradius/huntgroups" >> hints = "/etc/freeradius/hints" >> with_ascend_hack = no >> ascend_channels_per_line = 23 >> with_ntdomain_hack = no >> with_specialix_jetstream_hack = no >> with_cisco_vsa_hack = no >> with_alvarion_vsa_hack = no >> } >> Module: Checking preacct {...} for more modules to load >> Module: Linked to module rlm_acct_unique >> Module: Instantiating module "acct_unique" from file >> /etc/freeradius/modules/acct_unique >> acct_unique { >> key = "User-Name, Acct-Session-Id, NAS-IP-Address, >> Client-IP-Address, NAS-Port" >> } >> Module: Checking accounting {...} for more modules to load >> Module: Linked to module rlm_detail >> Module: Instantiating module "detail" from file >> /etc/freeradius/modules/detail >> detail { >> detailfile = >> "/var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d" >> header = "%t" >> detailperm = 384 >> dirperm = 493 >> locking = no >> log_packet_header = no >> } >> Module: Instantiating module "attr_filter.accounting_response" from file >> /etc/freeradius/modules/attr_filter >> attr_filter attr_filter.accounting_response { >> attrsfile = "/etc/freeradius/attrs.accounting_response" >> key = "%{User-Name}" >> } >> Module: Checking session {...} for more modules to load >> Module: Checking post-proxy {...} for more modules to load >> Module: Checking post-auth {...} for more modules to load >> } # modules >> } # server >> radiusd: #### Opening IP addresses and Ports #### >> listen { >> type = "auth" >> ipaddr = * >> port = 0 >> } >> listen { >> type = "acct" >> ipaddr = * >> port = 0 >> } >> listen { >> type = "auth" >> ipaddr = 127.0.0.1 >> port = 18120 >> } >> Listening on authentication address * port 1812 >> Listening on accounting address * port 1813 >> Listening on authentication address 127.0.0.1 port 18120 as server >> inner-tunnel >> Listening on proxy address * port 1814 >> Ready to process requests. >> >> >> Thanks for your patience and replies, >> >> Dale >> >> -- >> >> Dale Grice >> >> Staff Engineer, Lab Architect; Motorola >> >> >> >> > > >
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html