Check that the firewall in front of your radius server accept 1812 to 1814 tcp connexion.
Le mercredi 25 avril 2012 à 13:58 +0300, NorthPole a écrit : > Hello everyone. > > I have a very weird problem with my setup. > > my clients.conf > > client 127.0.0.1 { > secret = testing123 > shortname = Localhost > } > client 20.20.20.20 { > secret = pfsense > shortname = pfsense > } > client 20.20.20.17 { > secret = testing > shortname = ubuntu > } > > with this setup I can only connect through the pfsense's captive portal > when I try to use radtest in both localhost and the remote ubuntu i > get a nas not found response > I'm using mysql authentication and the debugging output is the following > > > > rad_recv: Access-Request packet from host 20.20.20.17 port 55281, > id=56, length=67 > User-Name = "northpole" > User-Password = "1234" > NAS-IP-Address = 127.0.1.1 > NAS-Port = 1812 > Framed-Protocol = PPP > +- entering group authorize {...} > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > [suffix] No '@' in User-Name = "northpole", looking up realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] No EAP-Message, not doing EAP > ++[eap] returns noop > [files] users: Matched entry DEFAULT at line 50 > [files] expand: /usr/local/bin/rmauth "%{NAS-IP-Address}" > "%{User-Name}" "%{Calling-Station-Id}" -> /usr/local/bin/rmauth > "127.0.1.1" "northpole" "" > ++[files] returns ok > [sql] expand: %{User-Name} -> northpole > [sql] sql_set_user escaped user --> 'northpole' > rlm_sql (sql): Reserving sql socket id: 3 > [sql] expand: SELECT id, username, attribute, value, op > FROM radcheck WHERE username = '%{SQL-User-Name}' > ORDER BY id -> SELECT id, username, attribute, value, op > FROM radcheck WHERE username = 'northpole' ORDER > BY id > [sql] User found in radcheck table > [sql] expand: SELECT id, username, attribute, value, op > FROM radreply WHERE username = '%{SQL-User-Name}' > ORDER BY id -> SELECT id, username, attribute, value, op > FROM radreply WHERE username = 'northpole' ORDER > BY id > [sql] expand: SELECT groupname FROM radusergroup > WHERE username = '%{SQL-User-Name}' ORDER BY priority -> > SELECT groupname FROM radusergroup WHERE username > = 'northpole' ORDER BY priority > rlm_sql (sql): Released sql socket id: 3 > ++[sql] returns ok > ++[expiration] returns noop > ++[logintime] returns noop > [pap] Found existing Auth-Type, not changing it. > ++[pap] returns noop > Found Auth-Type = Local > WARNING: Please update your configuration, and remove 'Auth-Type = Local' > WARNING: Use the PAP or CHAP modules instead. > User-Password in the request is correct. > +- entering group session {...} > [sql] expand: %{User-Name} -> northpole > [sql] sql_set_user escaped user --> 'northpole' > [sql] expand: SELECT COUNT(*) FROM > radacct WHERE username = > '%{SQL-User-Name}' AND acctstoptime IS > NULL -> SELECT COUNT(*) FROM radacct > WHERE username = 'northpole' > AND acctstoptime IS NULL > rlm_sql (sql): Reserving sql socket id: 2 > rlm_sql (sql): Released sql socket id: 2 > ++[sql] returns ok > +- entering group post-auth {...} > [sqlippool] No Pool-Name defined. > [sqlippool] expand: No Pool-Name defined (did %{Called-Station-Id} > cli %{Calling-Station-Id} port %{NAS-Port} user %{User-Name}) -> No > Pool-Name defined (did cli port 1812 user northpole) > No Pool-Name defined (did cli port 1812 user northpole) > ++[sqlippool] returns noop > Exec-Program output: Reply-Message="NAS not found!" > Exec-Program-Wait: value-pairs: Reply-Message="NAS not found!" > Exec-Program: returned: 1 > [exec] Login incorrect (external check said so) > ++[exec] returns reject > Using Post-Auth-Type Reject > +- entering group REJECT {...} > [attr_filter.access_reject] expand: %{User-Name} -> northpole > attr_filter: Matched entry DEFAULT at line 11 > ++[attr_filter.access_reject] returns updated > Delaying reject of request 7 for 1 seconds > Going to the next request > Waking up in 0.9 seconds. > Sending delayed reject for request 7 > Sending Access-Reject of id 56 to 20.20.20.17 port 55281 > Reply-Message = "NAS not found!" > Waking up in 4.9 seconds. > Cleaning up request 7 ID 56 with timestamp +358 > Ready to process requests. > > what am I missing here? > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html