On 06/24/2013 02:01 PM, Julian Macassey wrote:
>> I don't follow what you're doing. Is your radius server on
>> 192.168.10.14, the same as your client?
>
> My radius server is: 192.168.10.16
>
> My ldap server is: 192.168.10.14
>
>> Because it looks like you're
>> sending your access-request to the client, not the server (unless
>> they're both the same box). If they are the same box then make sure port
>> 1812 is open.

I don't know what to say, you've got a lot of misconceptions going on
and as far as I can figure you haven't tried to read the documentation.

For starters:

You need to send radius requests to the radius server but you're sending
them to your ldap server (huh???)

radius client != ldap, radius client == nas

You need to configure radius to work with ldap, but you haven't done
that. You have to uncomment the ldap module from
/etc/raddb/sites-enabled/default in the authorize section and also
configure your ldap values in /etc/raddb/modules/ldap. You haven't done
either of those.

I'm afraid I can't help anymore, you need to start helping yourself
first, pay attention to what you're doing, don't flail about, start with a
vanilla configuration, put it under source control so you can revert,
make only one change at a time, change only what you understand, and
read the doc, most of it is inside the config files themselves.

>
>> Also your NAS-IP-Address in your request is not your
>> client address of 192.168.10.14.
>
> I note that. But I have that in my
> /etc/freeradius/clients.conf file:
>
> client plumgrid-ldap1 {
> # # secret and password are mapped through the "secrets"
> # file.
> secret = d1sc0verplum
> shortname = ldap
> # # the following three fields are optional, but may be
> # used by
> # # checkrad.pl for simultaneous usage checks
> ipaddr = 192.168.10.14
> nastype = other
> ## login = !root
> # password = someadminpas
> }
> -----
>
>
>>
>> Also, 127.0.1.1 seems like an odd address, localhost is normally
>> 127.0.0.1, what's in your /etc/hosts file?
>
> This seems to be an ubuntu oddity.
>
> I have modified it
>
> 127.0.0.1 localhost plumgrid-radius1.plumgrid.com plumgrid-radius1
> #127.0.1.1 plumgrid-radius1.plumgrid.com plumgrid-radius1
>
> Yet, I still get 127.0.1.1 in my freeradius radtest.
>
> I can still ping 127.0.1.1
>
> --
> plumgrid-radius1:freeradius root#> ping 127.0.1.1
> PING 127.0.1.1 (127.0.1.1) 56(84) bytes of data.
> 64 bytes from 127.0.1.1: icmp_req=1 ttl=64 time=0.032 ms
> 64 bytes from 127.0.1.1: icmp_req=2 ttl=64 time=0.035 ms
> -----
>
>>
>> Also I don't see what this has to do with ldap, nothing as far as I can
>> tell.
>>
>
> Well, I have a radius server that I would like to use
> the ldap server to authenticate. It works using localhost and the
> users file.
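
An added example, not part of the original message or of FreeRADIUS itself: a small check for the step described above, reporting whether the `ldap` module is actually uncommented in the `authorize` section of a virtual-server file. The sample configuration is constructed, and the function names `modules_in_section` and `ldap_enabled` are hypothetical.

```python
import re

# Constructed sample resembling a sites-enabled/default file (not from the post).
SAMPLE_DEFAULT = """\
authorize {
    preprocess
    files
    #  The ldap module reads passwords from the LDAP database.
#   ldap
    pap
}
authenticate {
    Auth-Type PAP {
        pap
    }
}
"""

def modules_in_section(text, section):
    """Return bare module names that are active (uncommented) inside `section { ... }`."""
    active, depth, inside = [], 0, False
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and whitespace
        if not line:
            continue
        if not inside:
            # Look for the opening line of the requested top-level section.
            if re.fullmatch(rf"{re.escape(section)}\s*\{{", line):
                inside, depth = True, 1
            continue
        opens, closes = line.count("{"), line.count("}")
        if opens or closes:                      # nested block start/end, not a module
            depth += opens - closes
            if depth <= 0:
                break                            # end of the requested section
            continue
        if re.fullmatch(r"[\w.-]+", line):       # a bare word is a module reference
            active.append(line)
    return active

def ldap_enabled(text):
    """True if the ldap module is listed, uncommented, in the authorize section."""
    return "ldap" in modules_in_section(text, "authorize")

if __name__ == "__main__":
    print("authorize modules:", modules_in_section(SAMPLE_DEFAULT, "authorize"))
    print("ldap enabled:", ldap_enabled(SAMPLE_DEFAULT))
```

To check a real installation, read the file named in the message (`/etc/raddb/sites-enabled/default`) and pass its contents to `ldap_enabled`.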