Error: Ignoring request from unknown client IP:32772
Hi, I am new to chillispot and freeradius. My setup is as follows. I am using linksys wrt54gl which connects to a server running chillispot which did connect to a linksys router and everything worked fine. I am switching to a new network and I replaced the linksys router with a cisco 1841 router. Also changed the IP address of the cisco router. Changed the IP in the clients.conf. I can register as a user but when trying to connect to the internet, I get the error ignoring request form unkown client IP:32772. Is there anything I need to change, now that I am using a cisco router? Thanks, jon - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Error: Ignoring request from unknown client IP:32772
Hi jon I guess you forget set the ip in freeradius client.conf, but this ip do not look like ip address. Fabián Omar Franzotti Resistencia - Chaco Argentina - Original Message - From: jon jon To: freeradius-users@lists.freeradius.org Sent: Monday, April 20, 2009 4:45 PM Subject: Error: Ignoring request from unknown client IP:32772 Hi, I am new to chillispot and freeradius. My setup is as follows. I am using linksys wrt54gl which connects to a server running chillispot which did connect to a linksys router and everything worked fine. I am switching to a new network and I replaced the linksys router with a cisco 1841 router. Also changed the IP address of the cisco router. Changed the IP in the clients.conf. I can register as a user but when trying to connect to the internet, I get the error ignoring request form unkown client IP:32772. Is there anything I need to change, now that I am using a cisco router? Thanks, jon -- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Error: Ignoring request from unknown client IP:32772
I did set the new IP address in the new client.conf. jon On Mon, Apr 20, 2009 at 3:10 PM, Fabián Omar Franzotti fofw...@gmail.comwrote: Hi jon I guess you forget set the ip in freeradius client.conf, but this ip do not look like ip address. Fabián Omar Franzotti Resistencia - Chaco Argentina - Original Message - *From:* jon jon free9...@gmail.com *To:* freeradius-users@lists.freeradius.org *Sent:* Monday, April 20, 2009 4:45 PM *Subject:* Error: Ignoring request from unknown client IP:32772 Hi, I am new to chillispot and freeradius. My setup is as follows. I am using linksys wrt54gl which connects to a server running chillispot which did connect to a linksys router and everything worked fine. I am switching to a new network and I replaced the linksys router with a cisco 1841 router. Also changed the IP address of the cisco router. Changed the IP in the clients.conf. I can register as a user but when trying to connect to the internet, I get the error ignoring request form unkown client IP:32772. Is there anything I need to change, now that I am using a cisco router? Thanks, jon -- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Error: Ignoring request from unknown client IP:32772
May you paste the error and your client.conf - Fabián Omar Franzotti Resistencia - Chaco - Argentina Tel Arg.: 54-(372)-243-8710 / 54-(372)-257-0347 USA Phone: 1-(321)-284-3865 - - Original Message - From: jon jon To: FreeRadius users mailing list Sent: Monday, April 20, 2009 5:14 PM Subject: Re: Error: Ignoring request from unknown client IP:32772 I did set the new IP address in the new client.conf. jon On Mon, Apr 20, 2009 at 3:10 PM, Fabián Omar Franzotti fofw...@gmail.com wrote: Hi jon I guess you forget set the ip in freeradius client.conf, but this ip do not look like ip address. Fabián Omar Franzotti Resistencia - Chaco Argentina - Original Message - From: jon jon To: freeradius-users@lists.freeradius.org Sent: Monday, April 20, 2009 4:45 PM Subject: Error: Ignoring request from unknown client IP:32772 Hi, I am new to chillispot and freeradius. My setup is as follows. I am using linksys wrt54gl which connects to a server running chillispot which did connect to a linksys router and everything worked fine. I am switching to a new network and I replaced the linksys router with a cisco 1841 router. Also changed the IP address of the cisco router. Changed the IP in the clients.conf. I can register as a user but when trying to connect to the internet, I get the error ignoring request form unkown client IP:32772. Is there anything I need to change, now that I am using a cisco router? Thanks, jon - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Error: Ignoring request from unknown client IP:32772
Hmmm, jon Sorry your chilli is not running on cisco, so if you are using the cisco like AP and keep the chilli in the same PC or device that you have, don't need change the ip on freeradius client.conf. because is the same client that you did have. - Fabián Omar Franzotti Resistencia - Chaco - Argentina Tel Arg.: 54-(372)-243-8710 / 54-(372)-257-0347 USA Phone: 1-(321)-284-3865 - Original Message - From: jon jon To: FreeRadius users mailing list Sent: Monday, April 20, 2009 5:14 PM Subject: Re: Error: Ignoring request from unknown client IP:32772 I did set the new IP address in the new client.conf. jon On Mon, Apr 20, 2009 at 3:10 PM, Fabián Omar Franzotti fofw...@gmail.com wrote: Hi jon I guess you forget set the ip in freeradius client.conf, but this ip do not look like ip address. Fabián Omar Franzotti Resistencia - Chaco Argentina - Original Message - From: jon jon To: freeradius-users@lists.freeradius.org Sent: Monday, April 20, 2009 4:45 PM Subject: Error: Ignoring request from unknown client IP:32772 Hi, I am new to chillispot and freeradius. My setup is as follows. I am using linksys wrt54gl which connects to a server running chillispot which did connect to a linksys router and everything worked fine. I am switching to a new network and I replaced the linksys router with a cisco 1841 router. Also changed the IP address of the cisco router. Changed the IP in the clients.conf. I can register as a user but when trying to connect to the internet, I get the error ignoring request form unkown client IP:32772. Is there anything I need to change, now that I am using a cisco router? Thanks, jon - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Error: Ignoring request from unknown client IP:32772
No, I can't paste my client.conf file, what is it that you are looking for in this file? The error message is Error: Ignoring request form unkown client myipaddress:32772 Jon On Mon, Apr 20, 2009 at 3:18 PM, Fabián Omar Franzotti fofw...@gmail.comwrote: May you paste the error and your client.conf - Fabián Omar Franzotti Resistencia - Chaco - Argentina Tel Arg.: 54-(372)-243-8710 / 54-(372)-257-0347 USA Phone: 1-(321)-284-3865 - - Original Message - From: jon jon To: FreeRadius users mailing list Sent: Monday, April 20, 2009 5:14 PM Subject: Re: Error: Ignoring request from unknown client IP:32772 I did set the new IP address in the new client.conf. jon On Mon, Apr 20, 2009 at 3:10 PM, Fabián Omar Franzotti fofw...@gmail.com wrote: Hi jon I guess you forget set the ip in freeradius client.conf, but this ip do not look like ip address. Fabián Omar Franzotti Resistencia - Chaco Argentina - Original Message - From: jon jon To: freeradius-users@lists.freeradius.org Sent: Monday, April 20, 2009 4:45 PM Subject: Error: Ignoring request from unknown client IP:32772 Hi, I am new to chillispot and freeradius. My setup is as follows. I am using linksys wrt54gl which connects to a server running chillispot which did connect to a linksys router and everything worked fine. I am switching to a new network and I replaced the linksys router with a cisco 1841 router. Also changed the IP address of the cisco router. Changed the IP in the clients.conf. I can register as a user but when trying to connect to the internet, I get the error ignoring request form unkown client IP:32772. Is there anything I need to change, now that I am using a cisco router? Thanks, jon - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Error: Ignoring request from unknown client IP:32772
I am switching to a new network, that is why I am changing the IP address in the client.conf file. On Mon, Apr 20, 2009 at 3:26 PM, jon jon free9...@gmail.com wrote: No, I can't paste my client.conf file, what is it that you are looking for in this file? The error message is Error: Ignoring request form unkown client myipaddress:32772 Jon On Mon, Apr 20, 2009 at 3:18 PM, Fabián Omar Franzotti fofw...@gmail.com wrote: May you paste the error and your client.conf - Fabián Omar Franzotti Resistencia - Chaco - Argentina Tel Arg.: 54-(372)-243-8710 / 54-(372)-257-0347 USA Phone: 1-(321)-284-3865 - - Original Message - From: jon jon To: FreeRadius users mailing list Sent: Monday, April 20, 2009 5:14 PM Subject: Re: Error: Ignoring request from unknown client IP:32772 I did set the new IP address in the new client.conf. jon On Mon, Apr 20, 2009 at 3:10 PM, Fabián Omar Franzotti fofw...@gmail.com wrote: Hi jon I guess you forget set the ip in freeradius client.conf, but this ip do not look like ip address. Fabián Omar Franzotti Resistencia - Chaco Argentina - Original Message - From: jon jon To: freeradius-users@lists.freeradius.org Sent: Monday, April 20, 2009 4:45 PM Subject: Error: Ignoring request from unknown client IP:32772 Hi, I am new to chillispot and freeradius. My setup is as follows. I am using linksys wrt54gl which connects to a server running chillispot which did connect to a linksys router and everything worked fine. I am switching to a new network and I replaced the linksys router with a cisco 1841 router. Also changed the IP address of the cisco router. Changed the IP in the clients.conf. I can register as a user but when trying to connect to the internet, I get the error ignoring request form unkown client IP:32772. Is there anything I need to change, now that I am using a cisco router? Thanks, jon - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Error: Ignoring request from unknown client IP:32772
Well, sorry I can help you, because that don't look like ip address for me. And I don't know from where came this message. Maybe other guys in the list know how help to you. - Fabián Omar Franzotti Resistencia - Chaco - Argentina Tel Arg.: 54-(372)-243-8710 / 54-(372)-257-0347 USA Phone: 1-(321)-284-3865 - Original Message - From: jon jon To: FreeRadius users mailing list Sent: Monday, April 20, 2009 5:26 PM Subject: Re: Error: Ignoring request from unknown client IP:32772 No, I can't paste my client.conf file, what is it that you are looking for in this file? The error message is Error: Ignoring request form unkown client myipaddress:32772 Jon On Mon, Apr 20, 2009 at 3:18 PM, Fabián Omar Franzotti fofw...@gmail.com wrote: May you paste the error and your client.conf - Fabián Omar Franzotti Resistencia - Chaco - Argentina Tel Arg.: 54-(372)-243-8710 / 54-(372)-257-0347 USA Phone: 1-(321)-284-3865 - - Original Message - From: jon jon To: FreeRadius users mailing list Sent: Monday, April 20, 2009 5:14 PM Subject: Re: Error: Ignoring request from unknown client IP:32772 I did set the new IP address in the new client.conf. jon On Mon, Apr 20, 2009 at 3:10 PM, Fabián Omar Franzotti fofw...@gmail.com wrote: Hi jon I guess you forget set the ip in freeradius client.conf, but this ip do not look like ip address. Fabián Omar Franzotti Resistencia - Chaco Argentina - Original Message - From: jon jon To: freeradius-users@lists.freeradius.org Sent: Monday, April 20, 2009 4:45 PM Subject: Error: Ignoring request from unknown client IP:32772 Hi, I am new to chillispot and freeradius. My setup is as follows. I am using linksys wrt54gl which connects to a server running chillispot which did connect to a linksys router and everything worked fine. I am switching to a new network and I replaced the linksys router with a cisco 1841 router. Also changed the IP address of the cisco router. Changed the IP in the clients.conf. I can register as a user but when trying to connect to the internet, I get the error ignoring request form unkown client IP:32772. Is there anything I need to change, now that I am using a cisco router? Thanks, jon - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Error: Ignoring request from unknown client IP:32772
The error message is coming from radius.log file. On Mon, Apr 20, 2009 at 3:31 PM, Fabián Omar Franzotti fofw...@gmail.comwrote: Well, sorry I can help you, because that don't look like ip address for me. And I don't know from where came this message. Maybe other guys in the list know how help to you. - Fabián Omar Franzotti Resistencia - Chaco - Argentina Tel Arg.: 54-(372)-243-8710 / 54-(372)-257-0347 USA Phone: 1-(321)-284-3865 - Original Message - *From:* jon jon free9...@gmail.com *To:* FreeRadius users mailing listfreeradius-users@lists.freeradius.org *Sent:* Monday, April 20, 2009 5:26 PM *Subject:* Re: Error: Ignoring request from unknown client IP:32772 No, I can't paste my client.conf file, what is it that you are looking for in this file? The error message is Error: Ignoring request form unkown client myipaddress:32772 Jon On Mon, Apr 20, 2009 at 3:18 PM, Fabián Omar Franzotti fofw...@gmail.comwrote: May you paste the error and your client.conf - Fabián Omar Franzotti Resistencia - Chaco - Argentina Tel Arg.: 54-(372)-243-8710 / 54-(372)-257-0347 USA Phone: 1-(321)-284-3865 - - Original Message - From: jon jon To: FreeRadius users mailing list Sent: Monday, April 20, 2009 5:14 PM Subject: Re: Error: Ignoring request from unknown client IP:32772 I did set the new IP address in the new client.conf. jon On Mon, Apr 20, 2009 at 3:10 PM, Fabián Omar Franzotti fofw...@gmail.com wrote: Hi jon I guess you forget set the ip in freeradius client.conf, but this ip do not look like ip address. Fabián Omar Franzotti Resistencia - Chaco Argentina - Original Message - From: jon jon To: freeradius-users@lists.freeradius.org Sent: Monday, April 20, 2009 4:45 PM Subject: Error: Ignoring request from unknown client IP:32772 Hi, I am new to chillispot and freeradius. My setup is as follows. I am using linksys wrt54gl which connects to a server running chillispot which did connect to a linksys router and everything worked fine. I am switching to a new network and I replaced the linksys router with a cisco 1841 router. Also changed the IP address of the cisco router. Changed the IP in the clients.conf. I can register as a user but when trying to connect to the internet, I get the error ignoring request form unkown client IP:32772. Is there anything I need to change, now that I am using a cisco router? Thanks, jon - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Error: Ignoring request from unknown client IP:32772
No, I can't paste my client.conf file, what is it that you are looking for in this file? Source of your error. But if you are not willing to reveal relevant information ... Feel free to come back when you are willing to post the output of radiusd -X (as suggested in any peace of documentation and daily on this list) masking only passwords and secrets. Asking for help but altering error messages and not willing to reveal config files is a waste of everyones time. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Error: Ignoring request from unknown client IP:1645
I'm very sorry Alan for replying to your own email address and not on the list. Here it is Il giorno lun, 12/02/2007 alle 13.35 +0100, Alan DeKok ha scritto: Davide Molteni wrote: On the cisco I configured: radius-server host ipmyradius auth-port 1812 acct-port 1813 and the other aaa commands needed If I look at the radius.log file I always see Error: Ignoring request from unknown client ipmycisco:1645 Did you configure the server to have that IP in clients.conf? Sure! With the IP and the same shared key as the cisco NAS client The Cisco router keeps always trying to connect to radius using port 1645 even if I specified to use 1812... That's a bug in the Cisco router. Yea but is this a problem for freeradius to properly work? I need to set freeradius to listen on 1645 in radiusd.conf? Or I need to change it in /etc/services ? I have tried to configure radius server to listen on port 1645 but is the same. Listening on port 1645 won't make the server believe that ipmycisco is a known client. Well I know this very well in fact, the client that is ignored is properly configured in clients.conf The microsoft radius integration(server 2003) worked at first try with this cisco config... Really. Did you configure the Cisco box as a client in the MS RADIUS server? Yes, sure I had to put in the ms radius the cisco box as a client otherwise it wouldn't work... Please notice that I would like to use this radius for simple PAP ONLY. Maybe I'm doing something wrong with users file? Please tell me the right way to configure a single test user for PAP only. I would like to disable unused modules (ldap,mysql...) It couldn't be a problem of authentication method? I forgot an important element to tell anyone wants to help. I tried to change the shared key on one side (radius) and noticed that log file continue to write again the same error Ignoring request from unknown client IP:1645 So the issue it's due to the fact that cisco client don't exchange shared key with radius... This can halp to focus better the problem? thanks in advance - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Error: Ignoring request from unknown client IP:1645
Hi, I'm very sorry Alan for replying to your own email address and not on the list. Here it is your errors are symptomatic of a trivial but basic configuration munge. can you email your clients.conf and radiusd.conf files alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Error: Ignoring request from unknown client IP:1645
Hi,
client localhost {
secret = 181180
shortname = localhost
nastype = other
}
client 192.168.0.1 {
secret = 181180
shortname = testcisco
nastype = cisco
}
those look fine. have you actually tried a 'radtest' on the local server
to check all is well? eg put the following into your 'users' file
testuser01 Auth-Type:=Local, User-Password==ehwtehi
restart radiusd process then do
radtest testuser01 ehwtehi localhost 1812 181180
this is pure and simple PAP authentication at its best.
## radiusd.conf -- FreeRADIUS server configuration file.
which version of freeradius? this config is a bit crusty for a 1.x
install
change the following parts
#bind_address = *
#port = 0
listen {
# IP address on which to listen.
# Allowed values are:
# dotted quad (1.2.3.4)
# hostname(radius.example.com)
# wildcard(*)
ipaddr = *
# Port on which to listen.
# Allowed values are:
# integer port number (1812)
# 0 means use /etc/services for the proper port
port = 1645
# Type of packets to listen for.
# Allowed values are:
# authlisten for authentication packets
# acctlisten for accounting packets
#
type = auth
}
this uses the 1.x listen directive. i've also changed the port to 1645 - as you
say your
cisco is expecting this port!
proxy_requests = yes
$INCLUDE ${confdir}/proxy.conf
are you proxying? you didnt say so. you should set this to no(!)
# Supports multiple encryption schemes
# clear: Clear text
# crypt: Unix crypt
#md5: MD5 ecnryption
# sha1: SHA1 encryption.
# DEFAULT: crypt
pap {
encryption_scheme = crypt
}
to do the radtest I mentioned above, this value needs to be 'clear'
you a crypted version of that password if you wish to use 'crypt'
as for all the rest. if you arent using it. comment it out.
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Error: Ignoring request from unknown client IP:1645
Il giorno mar, 13/02/2007 alle 11.59 +, [EMAIL PROTECTED] ha
scritto:
Hi,
client localhost {
secret = 181180
shortname = localhost
nastype = other
}
client 192.168.0.1 {
secret = 181180
shortname = testcisco
nastype = cisco
}
those look fine. have you actually tried a 'radtest' on the local server
to check all is well? eg put the following into your 'users' file
testuser01 Auth-Type:=Local, User-Password==ehwtehi
restart radiusd process then do
radtest testuser01 ehwtehi localhost 1812 181180
Ok just after this test i have
after many tries Re-Sending Access-Request ...
radclient: no response from server for ID 250
This without any change to the radiusd.conf Now I will make all the
modifications you suggested and send you the results.
I'm not proxying.
The freeradius version is 1.0.1
this is pure and simple PAP authentication at its best.
## radiusd.conf -- FreeRADIUS server configuration file.
which version of freeradius? this config is a bit crusty for a 1.x
install
change the following parts
#bind_address = *
#port = 0
listen {
# IP address on which to listen.
# Allowed values are:
# dotted quad (1.2.3.4)
# hostname(radius.example.com)
# wildcard(*)
ipaddr = *
# Port on which to listen.
# Allowed values are:
# integer port number (1812)
# 0 means use /etc/services for the proper port
port = 1645
# Type of packets to listen for.
# Allowed values are:
# authlisten for authentication packets
# acctlisten for accounting packets
#
type = auth
}
this uses the 1.x listen directive. i've also changed the port to 1645 - as
you say your
cisco is expecting this port!
proxy_requests = yes
$INCLUDE ${confdir}/proxy.conf
are you proxying? you didnt say so. you should set this to no(!)
# Supports multiple encryption schemes
# clear: Clear text
# crypt: Unix crypt
#md5: MD5 ecnryption
# sha1: SHA1 encryption.
# DEFAULT: crypt
pap {
encryption_scheme = crypt
}
to do the radtest I mentioned above, this value needs to be 'clear'
you a crypted version of that password if you wish to use 'crypt'
as for all the rest. if you arent using it. comment it out.
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Error: Ignoring request from unknown client IP:1645
I had the problem before and it was because in the clients.conf file I had written clients (with an s) and not client. Message: 1 Date: Tue, 13 Feb 2007 12:13:08 +0100 From: Davide Molteni [EMAIL PROTECTED] Subject: Re: Error: Ignoring request from unknown client IP:1645 To: freeradius list freeradius-users@lists.freeradius.org Message-ID: [EMAIL PROTECTED] Content-Type: text/plain I'm very sorry Alan for replying to your own email address and not on the list. Here it is Il giorno lun, 12/02/2007 alle 13.35 +0100, Alan DeKok ha scritto: Davide Molteni wrote: On the cisco I configured: radius-server host ipmyradius auth-port 1812 acct-port 1813 and the other aaa commands needed If I look at the radius.log file I always see Error: Ignoring request from unknown client ipmycisco:1645 Did you configure the server to have that IP in clients.conf? Sure! With the IP and the same shared key as the cisco NAS client The Cisco router keeps always trying to connect to radius using port 1645 even if I specified to use 1812... That's a bug in the Cisco router. Yea but is this a problem for freeradius to properly work? I need to set freeradius to listen on 1645 in radiusd.conf? Or I need to change it in /etc/services ? I have tried to configure radius server to listen on port 1645 but is the same. Listening on port 1645 won't make the server believe that ipmycisco is a known client. Well I know this very well in fact, the client that is ignored is properly configured in clients.conf The microsoft radius integration(server 2003) worked at first try with this cisco config... Really. Did you configure the Cisco box as a client in the MS RADIUS server? Yes, sure I had to put in the ms radius the cisco box as a client otherwise it wouldn't work... Please notice that I would like to use this radius for simple PAP ONLY. Maybe I'm doing something wrong with users file? Please tell me the right way to configure a single test user for PAP only. I would like to disable unused modules (ldap,mysql...) It couldn't be a problem of authentication method? I forgot an important element to tell anyone wants to help. I tried to change the shared key on one side (radius) and noticed that log file continue to write again the same error Ignoring request from unknown client IP:1645 So the issue it's due to the fact that cisco client don't exchange shared key with radius... This can halp to focus better the problem? thanks in advance -- Walt Reynolds Principle Systems Security Development Engineer Information Technology Central Services University of Michigan (734) 615-9438 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Error: Ignoring request from unknown client IP:1645
Hi, Ok just after this test i have after many tries Re-Sending Access-Request ... radclient: no response from server for ID 250 sounds like you have a firewall blocking the request or that your server is not active! in one window, run 'radiusd -X' at the same time as the 'radtest' this is the best debug method for this level of issue. then, run e.g. on Linux box iptables -L -n if you have firewall. add UDP ports 1812/1813 slsn - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Error: Ignoring request from unknown client IP:1645
Davide Molteni wrote: Error: Ignoring request from unknown client ipmycisco:1645 Did you configure the server to have that IP in clients.conf? Sure! With the IP and the same shared key as the cisco NAS client shrug The server isn't finding it. Are you sure the server is reading the clients.conf file you're editing? Please notice that I would like to use this radius for simple PAP ONLY. Maybe I'm doing something wrong with users file? No. Please tell me the right way to configure a single test user for PAP only. I would like to disable unused modules (ldap,mysql...) It's in the FAQ. It couldn't be a problem of authentication method? No. I forgot an important element to tell anyone wants to help. I tried to change the shared key on one side (radius) and noticed that log file continue to write again the same error Ignoring request from unknown client IP:1645 So the issue it's due to the fact that cisco client don't exchange shared key with radius... No. They don't exchange shared keys. You MUST list the Cisco's IP in clients.conf. It looks like you're not doing that, or you're doing it wrong, or you're editing a file the server isn't reading. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Error: Ignoring request from unknown client IP:1645
Ok you got it! It was a simple user permissions problem on the file clients.conf! Shame on me... The daemon tried to read the old confguration files clients and naslist just because user that runs radiusd can't access the actual clients.conf Now everything is working fine, I have to review some concepts on cisco AAA because it won't authorize my users but just authenticate it but this issue it's surely on cisco side. Thanks a lot for the quick help Davide Il giorno mar, 13/02/2007 alle 15.26 +0100, Alan DeKok ha scritto: Davide Molteni wrote: Error: Ignoring request from unknown client ipmycisco:1645 Did you configure the server to have that IP in clients.conf? Sure! With the IP and the same shared key as the cisco NAS client shrug The server isn't finding it. Are you sure the server is reading the clients.conf file you're editing? Please notice that I would like to use this radius for simple PAP ONLY. Maybe I'm doing something wrong with users file? No. Please tell me the right way to configure a single test user for PAP only. I would like to disable unused modules (ldap,mysql...) It's in the FAQ. It couldn't be a problem of authentication method? No. I forgot an important element to tell anyone wants to help. I tried to change the shared key on one side (radius) and noticed that log file continue to write again the same error Ignoring request from unknown client IP:1645 So the issue it's due to the fact that cisco client don't exchange shared key with radius... No. They don't exchange shared keys. You MUST list the Cisco's IP in clients.conf. It looks like you're not doing that, or you're doing it wrong, or you're editing a file the server isn't reading. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Error: Ignoring request from unknown client IP:1645
I made this very simple environmet for testing purpuse but I can't get it work... I have a cisco 1750 router with IOS 12.1(5)IB4 and configured it to access a radius server made with phpRADmin livecd (fedora5+freeradius) On the cisco I configured: radius-server host ipmyradius auth-port 1812 acct-port 1813 and the other aaa commands needed If I look at the radius.log file I always see Error: Ignoring request from unknown client ipmycisco:1645 The Cisco router keeps always trying to connect to radius using port 1645 even if I specified to use 1812... I have tried to configure radius server to listen on port 1645 but is the same. Obviously the shared key is the same on both sides. I even tried with a clean installation of freeradius on a plain debian but I get the same error in the logs... The microsoft radius integration(server 2003) worked at first try with this cisco config... Please any help? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Error: Ignoring request from unknown client IP:1645
Davide Molteni wrote: On the cisco I configured: radius-server host ipmyradius auth-port 1812 acct-port 1813 and the other aaa commands needed If I look at the radius.log file I always see Error: Ignoring request from unknown client ipmycisco:1645 Did you configure the server to have that IP in clients.conf? The Cisco router keeps always trying to connect to radius using port 1645 even if I specified to use 1812... That's a bug in the Cisco router. I have tried to configure radius server to listen on port 1645 but is the same. Listening on port 1645 won't make the server believe that ipmycisco is a known client. The microsoft radius integration(server 2003) worked at first try with this cisco config... Really. Did you configure the Cisco box as a client in the MS RADIUS server? Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Ignoring request from unknown client *.*.*.* 2244
I have configured FreeRadius to use Mysql.It seemed Mysql works well when I input Radiusd -X. However when I use NtRadPing to test,I always get the following error: rad_recv: Access-Request packet from host 202.117.15.164:2244, id=0, length=43Ignoring request from unknown client 202.117.15.164:2244 --- Walking the entire request list --- I insert items into the table 'nas' int the 'radius' databaselike : +++---+---+---++---+---+| id | nasname | shortname | type | ports | secret | community | description |+++---+---+---++---+---+ | 1 | 202.117.15.164 | liv1 | other | NULL | testing123 | NULL | RADIUS Client |+++---+---+---++---+---+ But it doesn't work. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Ignoring request from unknown client 1.2.3.4.:****
Having installed Mysql4.0, I recompile Freeradius 1.0.5. It seems Freeradius and Mysql works well when I enter : radiusd -X. However, when I use the 'UserName' and 'Password' in the 'radcheck' table to test , I get the following output from Radius Server: rad_recv: Access-Request packet from host 202.117.49.26:3978, id=12, length=47 Ignoring request from unknown client 202.117.49.26:3978 --- Walking the entire request list --- Any suggestions? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Ignoring request from unknown client 1.2.3.4.:****
This is because you didn not allow your radius to accept request from your client with IP 202.117.49.26. If you are using regular config files you need to edit Clients config, If u are using MySQL you need to set, radiusd.config to read NAS table im MuSQL (look et the end of the config file, I think its a last line) and then add your NAS clients to NAS table im db From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of yao guoxian Sent: Sunday, March 12, 2006 8:49 PM To: freeradius-users@lists.freeradius.org Subject: Ignoring request from unknown client 1.2.3.4.: Having installed Mysql4.0, I recompile Freeradius 1.0.5. It seems Freeradius and Mysql works well when I enter : radiusd -X. However, when I use the 'UserName' and 'Password' in the 'radcheck' table to test , I get the following output from Radius Server: rad_recv: Access-Request packet from host 202.117.49.26:3978, id=12, length=47 Ignoring request from unknown client 202.117.49.26:3978 --- Walking the entire request list --- Any suggestions? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Ignoring request from unknown client
Networking
10.192.1.0/24 or 10.192.0.0/16
On Friday 03 December 2004 20:53, Brian Ammons wrote:
is this NOT supposed to be 10.192.1.11/32?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf
Of Michael
Basso
Sent: Friday, December 03, 2004 12:29 PM
To: [EMAIL PROTECTED]
Subject: RE: Ignoring request from unknown client
client 10.192.1.11 {
secret = testing123
shortname = mbasso
}
STILL NO LUCK.
Is this a problem with secrets not matching?
No. I am definitely using 'testing123' in the NTRadPing utility.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
This message has been scanned for viruses and
malicious content by Unilynx Africa mail scanner, and is
believed to be clean.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Ignoring request from unknown client
On Fri, 03 Dec 2004 13:43:11 -0500 Alan DeKok [EMAIL PROTECTED] wrote: Michael Basso [EMAIL PROTECTED] wrote: I tried : ... STILL NO LUCK. Is the server reading the clients.conf file you're editing? How can I know for sure? I was editing the client.conf file in /etc/raddb. There is also one in usr/local/radius/freeradius-1.0.1/ (where I downloaded and expanded the tar.gz file. It looks like you're editing one file, but the server is reading another. And you are re-starting the server when you edit the file, right? Yes I am. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html Michael Basso Network Specialist Bedford Central School District (914) 241-6186 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Ignoring request from unknown client
Michael Basso [EMAIL PROTECTED] wrote: Is the server reading the clients.conf file you're editing? How can I know for sure? Read the first few lines of the debug output. It prints out the full path to the clients.conf file it's using. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
ignoring request from unknown client 127.0.0.1
i use freeradius-snapshot-20040224 on a redhat 7.3
all seems to work fine but when i use radtest
the server tell me
Ignoring request from unknown client 127.0.0.1
i add the loopback in client and client.conf
i don t understand
thanks
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /etc/raddb/proxy.conf
Config: including file: /etc/raddb/clients.conf
Config: including file: /etc/raddb/sql.conf
main: prefix = /usr/local
main: localstatedir = /var
main: logdir = /var/log/radius
main: libdir = /usr/local/lib
main: radacctdir = /var/log/radius/radacct
main: hostname_lookups = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = /var/log/radius/radius.log
main: log_auth = no
main: log_auth_badpass = yes
main: log_auth_goodpass = yes
main: pidfile = /var/run/radiusd/radiusd.pid
main: user = radiusd
main: group = radiusd
main: usercollide = no
main: lower_user = no
main: lower_pass = no
main: nospace_user = no
main: nospace_pass = no
main: checkrad = /usr/local/sbin/checkrad
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: post_proxy_authorize = yes
proxy: wake_all_if_all_dead = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
Using deprecated naslist file. Support for this will go away soon.
read_config_files: reading clients
read_config_files: reading realms
Using deprecated realms file. Support for this will go away soon.
radiusd: entering modules setup
Module: Library search path is /usr/local/lib
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded System
unix: cache = no
unix: passwd = (null)
unix: shadow = /etc/shadow
unix: group = (null)
unix: radwtmp = /var/log/radius/radwtmp
unix: usegroup = no
unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded eap
eap: default_eap_type = tls
eap: timer_expire = 60
eap: ignore_unknown_eap_types = no
tls: rsa_key_exchange = no
tls: dh_key_exchange = yes
tls: rsa_key_length = 512
tls: dh_key_length = 512
tls: verify_depth = 0
tls: CA_path = (null)
tls: pem_file_type = yes
tls: private_key_file = /usr/local/etc/raddb/basile.pem
tls: certificate_file = /usr/local/etc/raddb/basile.pem
tls: CA_file = /usr/local/etc/raddb/root.pem
tls: private_key_password = whatever
tls: dh_file = /usr/local/etc/raddb/DH
tls: random_file = /usr/local/etc/raddb/random
tls: fragment_size = 1024
tls: include_length = yes
tls: check_crl = no
rlm_eap: Loaded and initialized type tls
Module: Instantiated eap (eap)
Module: Loaded preprocess
preprocess: huntgroups = /etc/raddb/huntgroups
preprocess: hints = /etc/raddb/hints
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
realm: format = suffix
realm: delimiter = @
Module: Instantiated realm (suffix)
Module: Loaded files
files: usersfile = /etc/raddb/users
files: acctusersfile = /etc/raddb/acct_users
files: preproxy_usersfile = /etc/raddb/preproxy_users
files: compat = no
Module: Instantiated files (files)
Module: Loaded Acct-Unique-Session-Id
acct_unique: key = User-Name, Acct-Session-Id, NAS-IP-Address,
Client-IP-Address, NAS-Port-Id
Module: Instantiated acct_unique (acct_unique)
Module: Loaded detail
detail: detailfile =
/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded radutmp
radutmp: filename = /var/log/radius/radutmp
radutmp: username = %{User-Name}
radutmp: case_sensitive = yes
radutmp: check_with_nas = yes
radutmp: perm = 384
radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Listening on IP address *, ports 1812/udp and 1813/udp, with proxy on 1814/udp.
Ready to process requests.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
