Hello Michael, What happen if you do /usr/local/pf/bin/pfcmd service radiusd status
Can you do that: /usr/local/pf/bin/pfcmd service radiusd stop radiusd -d /usr/local/pf/raddb -X And retry a connection ? And did you check on the PacketFence side with tcpdump the radius traffic ? Regards Fabrice Le 2015-06-01 02:50, Michael Stone a écrit : > > Hi, > > > > We are testing PacketFence with our Ruckus WLC but for some reason the > RADIUS traffic is being ignored by FreeRadius. > > > > I can see the Ruckus RADIUS traffic on the management port using > TCPDUMP but there is nothing in the radius.log to suggest it has been > processed. > > > > I know that FreeRadius is running because RADIUS traffic generated by > the NATRadPing Test utility is appearing in the logs (as well as the > TCPDUMP. > > > > Below is the TCPDUMP results for the Ruckus traffic and the NATRadPing > traffic. Note I have configured NATRadPing to replicate RADIUS > attributes in the Ruckus RADIUS packets. > > > > Can anyone help work out what is going wrong? > > > > Thanks, > > > > *Michael Stone* > > *Invigor Group* > > * * > > *Ruckus RADIUS Packet* > > * * > > *16:26:29.647203 IP (tos 0x0, ttl 61, id 0, offset 0, flags [DF], > proto UDP (17), length 231)* > > * 203-174-136-114.syd.static-ipl.aapt.com.au.46363 > > packetfence.radius: [udp sum ok] RADIUS, length: 203* > > * Access Request (1), id: 0x02, Authenticator: > e7fd1f94199b81e812979a2ab10f4d2a* > > * Username Attribute (1), length: 19, Value: 98:03:D8:88:52:36* > > * 0x0000: 3938 3a30 333a 4438 3a38 383a 3532 3a33* > > * 0x0010: 36* > > * Password Attribute (2), length: 34, Value:* > > * 0x0000: 517d f3df d789 37ad d425 6526 9836 f8b9* > > * 0x0010: 03bf 2544 47ff 6561 19f1 ab32 8747 14bb* > > * Calling Station Attribute (31), length: 19, Value: > 98-03-D8-88-52-36* > > * 0x0000: 3938 2d30 332d 4438 2d38 382d 3532 2d33* > > * 0x0010: 36* > > * NAS IP Address Attribute (4), length: 6, Value: 10.10.10.92* > > * 0x0000: 0a0a 0a5c* > > * Called Station Attribute (30), length: 34, Value: > 84-18-3A-18-4E-18:Ruckus-PF-Free* > > * 0x0000: 3834 2d31 382d 3341 2d31 382d 3445 2d31* > > * 0x0010: 383a 5275 636b 7573 2d50 462d 4672 6565* > > * Service Type Attribute (6), length: 6, Value: Framed* > > * 0x0000: 0000 0002* > > * NAS Port Type Attribute (61), length: 6, Value: Wireless - > IEEE 802.11* > > * 0x0000: 0000 0013* > > * NAS ID Attribute (32), length: 19, Value: 84-18-3A-18-4E-18* > > * 0x0000: 3834 2d31 382d 3341 2d31 382d 3445 2d31* > > * 0x0010: 38* > > * Vendor Specific Attribute (26), length: 22, Value: Vendor: > Unknown (25053)* > > * Vendor Attribute: 3, Length: 14, Value: Ruckus-PF-Free* > > * 0x0000: 0000 61dd 0310 5275 636b 7573 2d50 462d* > > * 0x0010: 4672 6565* > > * Message Authentication Attribute (80), length: 18, Value: > .A.d.f..* > > * 0x0000: a241 0164 0566 0b01 00bf b95c b760 db5f* > > * * > > *NATRadPing Test Radius Traffic (with response)* > > * * > > *16:48:53.267082 IP (tos 0x0, ttl 125, id 4843, offset 0, flags > [none], proto UDP (17), length 188)* > > * 203-174-136-114.syd.static-ipl.aapt.com.au.29436 > > packetfence.radius: [udp sum ok] RADIUS, length: 160* > > * Access Request (1), id: 0x2b, Authenticator: > 20202020202031343333313431333333* > > * Username Attribute (1), length: 19, Value: 98:03:D8:88:52:36* > > * 0x0000: 3938 3a30 333a 4438 3a38 383a 3532 3a33* > > * 0x0010: 36* > > * NAS IP Address Attribute (4), length: 6, Value: 10.10.10.92* > > * 0x0000: 0a0a 0a5c* > > * NAS Port Type Attribute (61), length: 6, Value: Async* > > * 0x0000: 0000 0000* > > * Calling Station Attribute (31), length: 19, Value: > 98-03-D8-88-52-36* > > * 0x0000: 3938 2d30 332d 4438 2d38 382d 3532 2d33* > > * 0x0010: 36* > > * Called Station Attribute (30), length: 34, Value: > 84-18-3A-18-4E-18:Ruckus-PF-Free* > > * 0x0000: 3834 2d31 382d 3341 2d31 382d 3445 2d31* > > * 0x0010: 383a 5275 636b 7573 2d50 462d 4672 6565* > > * Service Type Attribute (6), length: 6, Value: Framed* > > * 0x0000: 0000 0002* > > * NAS Port Type Attribute (61), length: 6, Value: Wireless - > IEEE 802.11* > > * 0x0000: 0000 0013* > > * NAS ID Attribute (32), length: 19, Value: 84-18-3A-18-4E-18* > > * 0x0000: 3834 2d31 382d 3341 2d31 382d 3445 2d31* > > * 0x0010: 38* > > * Vendor Specific Attribute (26), length: 25, Value: Vendor: > Unknown (1983730293)* > > * Vendor Attribute: 99, Length: 107 (bogus, goes past end > of vendor-specific attribute)* > > * 0x0000: 763d 5275 636b 7573 2057 6972 656c 6573* > > * 0x0010: 732c 2049 6e63 2e* > > *16:48:53.281113 IP (tos 0x0, ttl 64, id 15135, offset 0, flags > [none], proto UDP (17), length 104)* > > * packetfence.radius > > 203-174-136-114.syd.static-ipl.aapt.com.au.29436: [bad udp cksum > 0x84d8 -> 0x8d54!] RADIUS, length: 76* > > * Access Reject (3), id: 0x2b, Authenticator: > 7d7630cd4906ee5492263b1fcd7f2b82* > > * Reply Attribute (18), length: 56, Value: Network device > does not support this mode of operation* > > * 0x0000: 4e65 7477 6f72 6b20 6465 7669 6365 2064* > > * 0x0010: 6f65 7320 6e6f 7420 7375 7070 6f72 7420* > > * 0x0020: 7468 6973 206d 6f64 6520 6f66 206f 7065* > > * 0x0030: 7261 7469 6f6e* > > * * > > * * > > Invigor Group Limited is a company registered in Australia (ABN 75 081 > 368 274). This email and any attachments are intended solely for the > use of the addressee(s) and may contain information that is > confidential, subject to copyright and subject to legal professional > privilege. If you have received this email in error, please notify the > sender immediately, delete it and destroy all copies. Any views > expressed are those of the individual sender unless expressly stated > otherwise. In respect of this email and any attachments, to the extent > permitted by law, no warranty is given and all liability is > excluded,including, without limitation, liability for any loss or > damage caused by way of computer virus, defect, delay, or interruption. > > > ------------------------------------------------------------------------------ > > > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Fabrice Durand [email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org)
0xF78F957E.asc
Description: application/pgp-keys
------------------------------------------------------------------------------
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
