Re: Ignoring request from unknown client
Networking 10.192.1.0/24 or 10.192.0.0/16 On Friday 03 December 2004 20:53, Brian Ammons wrote: is this NOT supposed to be 10.192.1.11/32? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Michael Basso Sent: Friday, December 03, 2004 12:29 PM To: [EMAIL PROTECTED] Subject: RE: Ignoring request from unknown client client 10.192.1.11 { secret = testing123 shortname = mbasso } STILL NO LUCK. Is this a problem with secrets not matching? No. I am definitely using 'testing123' in the NTRadPing utility. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html This message has been scanned for viruses and malicious content by Unilynx Africa mail scanner, and is believed to be clean. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: auth from cisco to freeradius msql
Yes but if I try get access from my router or dialup the auth fails. Adam On Friday 03 December 2004 11:02, Lim Han Shyong wrote: Hi, Not understand what u want... radius already authenticate and send the Access accept packet back. HSL -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Frog Sent: Friday, December 03, 2004 4:53 PM To: [EMAIL PROTECTED] Subject: auth from cisco to freeradius msql Hi list I'm in the process of setting up my first radius server. Radius starts ok and auths with radtest but from cisco it does not. I'm running Fedora Core 2 with freeradius ver 1.0.1 using cisco 1601 (testing) here is the cisco setup followed by radius radiusd -f startup then when I try and authenticate in debug mode. --- - - aaa new-model aaa authentication login default group radius none aaa authentication login none none aaa authentication login unilynx local aaa authentication login consoleport none aaa authentication ppp default group radius none aaa authentication ppp unilynx-radius group radius local aaa authentication ppp radppp if-needed group radius aaa authorization network default group radius aaa accounting update newinfo aaa accounting network default wait-start group radius ip radius source-interface Loopback0 snmp-server engineID local 0009020142062DED snmp-server community public RO 97 radius-server host 192.168.2.254 auth-port 1812 acct-port 1813 non-standard radius-server retransmit 2 radius-server timeout 8 radius-server deadtime 2 radius-server key password --- - --- Fri Dec 3 10:38:47 2004 : Info: Starting - reading configuration files ... Fri Dec 3 10:38:47 2004 : Debug: reread_config: reading radiusd.conf Fri Dec 3 10:38:47 2004 : Debug: Config: including file: /usr/local/etc/raddb/proxy.conf Fri Dec 3 10:38:47 2004 : Debug: Config: including file: /usr/local/etc/raddb/clients.conf Fri Dec 3 10:38:47 2004 : Debug: Config: including file: /usr/local/etc/raddb/snmp.conf Fri Dec 3 10:38:47 2004 : Debug: Config: including file: /usr/local/etc/raddb/sql.conf Fri Dec 3 10:38:47 2004 : Debug: main: prefix = /usr/local Fri Dec 3 10:38:47 2004 : Debug: main: localstatedir = /usr/local/var Fri Dec 3 10:38:47 2004 : Debug: main: logdir = /usr/local/var/log/radius Fri Dec 3 10:38:47 2004 : Debug: main: libdir = /home/temp/freeradius/freeradius-1.0.1/src/modules Fri Dec 3 10:38:47 2004 : Debug: main: radacctdir = /usr/local/var/log/radius/radacct Fri Dec 3 10:38:47 2004 : Debug: main: hostname_lookups = no Fri Dec 3 10:38:47 2004 : Debug: main: max_request_time = 30 Fri Dec 3 10:38:47 2004 : Debug: main: cleanup_delay = 5 Fri Dec 3 10:38:47 2004 : Debug: main: max_requests = 1024 Fri Dec 3 10:38:47 2004 : Debug: main: delete_blocked_requests = 0 Fri Dec 3 10:38:47 2004 : Debug: main: port = 0 Fri Dec 3 10:38:47 2004 : Debug: main: allow_core_dumps = no Fri Dec 3 10:38:47 2004 : Debug: main: log_stripped_names = no Fri Dec 3 10:38:47 2004 : Debug: main: log_file = /usr/local/var/log/radius/radius.log Fri Dec 3 10:38:47 2004 : Debug: main: log_auth = no Fri Dec 3 10:38:47 2004 : Debug: main: log_auth_badpass = no Fri Dec 3 10:38:47 2004 : Debug: main: log_auth_goodpass = no Fri Dec 3 10:38:47 2004 : Debug: main: pidfile = /usr/local/var/run/radiusd/radiusd.pid Fri Dec 3 10:38:47 2004 : Debug: main: user = (null) Fri Dec 3 10:38:47 2004 : Debug: main: group = (null) Fri Dec 3 10:38:47 2004 : Debug: main: usercollide = no Fri Dec 3 10:38:47 2004 : Debug: main: lower_user = no Fri Dec 3 10:38:47 2004 : Debug: main: lower_pass = no Fri Dec 3 10:38:47 2004 : Debug: main: nospace_user = no Fri Dec 3 10:38:47 2004 : Debug: main: nospace_pass = no Fri Dec 3 10:38:47 2004 : Debug: main: checkrad = /usr/local/sbin/checkrad Fri Dec 3 10:38:47 2004 : Debug: main: proxy_requests = yes Fri Dec 3 10:38:47 2004 : Debug: proxy: retry_delay = 5 Fri Dec 3 10:38:47 2004 : Debug: proxy: retry_count = 3 Fri Dec 3 10:38:47 2004 : Debug: proxy: synchronous = no Fri Dec 3 10:38:47 2004 : Debug: proxy: default_fallback = no Fri Dec 3 10:38:47 2004 : Debug: proxy: dead_time = 120 Fri Dec 3 10:38:47 2004 : Debug: proxy: post_proxy_authorize = no Fri Dec 3 10:38:47 2004 : Debug: proxy: wake_all_if_all_dead = no Fri Dec 3 10:38:47 2004 : Debug: security: max_attributes = 200 Fri Dec 3 10:38:47 2004 : Debug: security: reject_delay = 1 Fri Dec 3 10:38:47 2004 : Debug: security: status_server = no Fri Dec 3 10:38:47 2004 : Debug: main: debug_level = 0 Fri Dec 3 10:38:47 2004 : Debug: read_config_files: reading dictionary Fri Dec 3 10:38:47 2004 : Debug: read_config_files: reading naslist Fri Dec 3
Re: auth from cisco to freeradius msql
I'm using mysql for authentication. On Monday 06 December 2004 10:29, Lim Han Shyong wrote: Hi: Hmm.. What u set in your user file ? user Auth-Type:= Local, User-Password = testing Service-Type = NAS-Prompt-User this mine, it can done basic authentication. Probably can have a try ^_^ HSL -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Frog Sent: Monday, December 06, 2004 4:10 PM To: [EMAIL PROTECTED] Subject: Re: auth from cisco to freeradius msql Yes but if I try get access from my router or dialup the auth fails. Adam On Friday 03 December 2004 11:02, Lim Han Shyong wrote: Hi, Not understand what u want... radius already authenticate and send the Access accept packet back. HSL -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Frog Sent: Friday, December 03, 2004 4:53 PM To: [EMAIL PROTECTED] Subject: auth from cisco to freeradius msql Hi list I'm in the process of setting up my first radius server. Radius starts ok and auths with radtest but from cisco it does not. I'm running Fedora Core 2 with freeradius ver 1.0.1 using cisco 1601 (testing) here is the cisco setup followed by radius radiusd -f startup then when I try and authenticate in debug mode. - - - - - aaa new-model aaa authentication login default group radius none aaa authentication login none none aaa authentication login unilynx local aaa authentication login consoleport none aaa authentication ppp default group radius none aaa authentication ppp unilynx-radius group radius local aaa authentication ppp radppp if-needed group radius aaa authorization network default group radius aaa accounting update newinfo aaa accounting network default wait-start group radius ip radius source-interface Loopback0 snmp-server engineID local 0009020142062DED snmp-server community public RO 97 radius-server host 192.168.2.254 auth-port 1812 acct-port 1813 non-standard radius-server retransmit 2 radius-server timeout 8 radius-server deadtime 2 radius-server key password - - - - --- Fri Dec 3 10:38:47 2004 : Info: Starting - reading configuration files ... Fri Dec 3 10:38:47 2004 : Debug: reread_config: reading radiusd.conf Fri Dec 3 10:38:47 2004 : Debug: Config: including file: /usr/local/etc/raddb/proxy.conf Fri Dec 3 10:38:47 2004 : Debug: Config: including file: /usr/local/etc/raddb/clients.conf Fri Dec 3 10:38:47 2004 : Debug: Config: including file: /usr/local/etc/raddb/snmp.conf Fri Dec 3 10:38:47 2004 : Debug: Config: including file: /usr/local/etc/raddb/sql.conf Fri Dec 3 10:38:47 2004 : Debug: main: prefix = /usr/local Fri Dec 3 10:38:47 2004 : Debug: main: localstatedir = /usr/local/var Fri Dec 3 10:38:47 2004 : Debug: main: logdir = /usr/local/var/log/radius Fri Dec 3 10:38:47 2004 : Debug: main: libdir = /home/temp/freeradius/freeradius-1.0.1/src/modules Fri Dec 3 10:38:47 2004 : Debug: main: radacctdir = /usr/local/var/log/radius/radacct Fri Dec 3 10:38:47 2004 : Debug: main: hostname_lookups = no Fri Dec 3 10:38:47 2004 : Debug: main: max_request_time = 30 Fri Dec 3 10:38:47 2004 : Debug: main: cleanup_delay = 5 Fri Dec 3 10:38:47 2004 : Debug: main: max_requests = 1024 Fri Dec 3 10:38:47 2004 : Debug: main: delete_blocked_requests = 0 Fri Dec 3 10:38:47 2004 : Debug: main: port = 0 Fri Dec 3 10:38:47 2004 : Debug: main: allow_core_dumps = no Fri Dec 3 10:38:47 2004 : Debug: main: log_stripped_names = no Fri Dec 3 10:38:47 2004 : Debug: main: log_file = /usr/local/var/log/radius/radius.log Fri Dec 3 10:38:47 2004 : Debug: main: log_auth = no Fri Dec 3 10:38:47 2004 : Debug: main: log_auth_badpass = no Fri Dec 3 10:38:47 2004 : Debug: main: log_auth_goodpass = no Fri Dec 3 10:38:47 2004 : Debug: main: pidfile = /usr/local/var/run/radiusd/radiusd.pid Fri Dec 3 10:38:47 2004 : Debug: main: user = (null) Fri Dec 3 10:38:47 2004 : Debug: main: group = (null) Fri Dec 3 10:38:47 2004 : Debug: main: usercollide = no Fri Dec 3 10:38:47 2004 : Debug: main: lower_user = no Fri Dec 3 10:38:47 2004 : Debug: main: lower_pass = no Fri Dec 3 10:38:47 2004 : Debug: main: nospace_user = no Fri Dec 3 10:38:47 2004 : Debug: main: nospace_pass = no Fri Dec 3 10:38:47 2004 : Debug: main: checkrad = /usr/local/sbin/checkrad Fri Dec 3 10:38:47 2004 : Debug: main: proxy_requests = yes Fri Dec 3 10:38:47 2004 : Debug: proxy: retry_delay = 5 Fri Dec 3 10:38:47 2004 : Debug: proxy: retry_count = 3 Fri Dec 3 10:38:47 2004 : Debug: proxy: synchronous
Re: auth from cisco to freeradius msql
On Tuesday 07 December 2004 03:25, Lim Han Shyong wrote: Hi Lim Thanks for all your help. I found the problem, on the cisco router i had radius bound to the loopback Interface therefor it was not part of the Lan address, Basically ID10T Problem.. Adam Hi: Mean did u add the Service-Type = NAS -Prompt-User into your sql database..? i mean in the reply message. HSL -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Frog Sent: Monday, December 06, 2004 8:02 PM To: [EMAIL PROTECTED] Subject: Re: auth from cisco to freeradius msql I'm using mysql for authentication. On Monday 06 December 2004 10:29, Lim Han Shyong wrote: Hi: Hmm.. What u set in your user file ? userAuth-Type:= Local, User-Password = testing Service-Type = NAS-Prompt-User this mine, it can done basic authentication. Probably can have a try ^_^ HSL -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Frog Sent: Monday, December 06, 2004 4:10 PM To: [EMAIL PROTECTED] Subject: Re: auth from cisco to freeradius msql Yes but if I try get access from my router or dialup the auth fails. Adam On Friday 03 December 2004 11:02, Lim Han Shyong wrote: Hi, Not understand what u want... radius already authenticate and send the Access accept packet back. HSL -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Frog Sent: Friday, December 03, 2004 4:53 PM To: [EMAIL PROTECTED] Subject: auth from cisco to freeradius msql Hi list I'm in the process of setting up my first radius server. Radius starts ok and auths with radtest but from cisco it does not. I'm running Fedora Core 2 with freeradius ver 1.0.1 using cisco 1601 (testing) here is the cisco setup followed by radius radiusd -f startup then when I try and authenticate in debug mode. - - - - - aaa new-model aaa authentication login default group radius none aaa authentication login none none aaa authentication login unilynx local aaa authentication login consoleport none aaa authentication ppp default group radius none aaa authentication ppp unilynx-radius group radius local aaa authentication ppp radppp if-needed group radius aaa authorization network default group radius aaa accounting update newinfo aaa accounting network default wait-start group radius ip radius source-interface Loopback0 snmp-server engineID local 0009020142062DED snmp-server community public RO 97 radius-server host 192.168.2.254 auth-port 1812 acct-port 1813 non-standard radius-server retransmit 2 radius-server timeout 8 radius-server deadtime 2 radius-server key password - - - - --- Fri Dec 3 10:38:47 2004 : Info: Starting - reading configuration files ... Fri Dec 3 10:38:47 2004 : Debug: reread_config: reading radiusd.conf Fri Dec 3 10:38:47 2004 : Debug: Config: including file: /usr/local/etc/raddb/proxy.conf Fri Dec 3 10:38:47 2004 : Debug: Config: including file: /usr/local/etc/raddb/clients.conf Fri Dec 3 10:38:47 2004 : Debug: Config: including file: /usr/local/etc/raddb/snmp.conf Fri Dec 3 10:38:47 2004 : Debug: Config: including file: /usr/local/etc/raddb/sql.conf Fri Dec 3 10:38:47 2004 : Debug: main: prefix = /usr/local Fri Dec 3 10:38:47 2004 : Debug: main: localstatedir = /usr/local/var Fri Dec 3 10:38:47 2004 : Debug: main: logdir = /usr/local/var/log/radius Fri Dec 3 10:38:47 2004 : Debug: main: libdir = /home/temp/freeradius/freeradius-1.0.1/src/modules Fri Dec 3 10:38:47 2004 : Debug: main: radacctdir = /usr/local/var/log/radius/radacct Fri Dec 3 10:38:47 2004 : Debug: main: hostname_lookups = no Fri Dec 3 10:38:47 2004 : Debug: main: max_request_time = 30 Fri Dec 3 10:38:47 2004 : Debug: main: cleanup_delay = 5 Fri Dec 3 10:38:47 2004 : Debug: main: max_requests = 1024 Fri Dec 3 10:38:47 2004 : Debug: main: delete_blocked_requests = 0 Fri Dec 3 10:38:47 2004 : Debug: main: port = 0 Fri Dec 3 10:38:47 2004 : Debug: main: allow_core_dumps = no Fri Dec 3 10:38:47 2004 : Debug: main: log_stripped_names = no Fri Dec 3 10:38:47 2004 : Debug: main: log_file = /usr/local/var/log/radius/radius.log Fri Dec 3 10:38:47 2004 : Debug: main: log_auth = no Fri Dec 3 10:38:47 2004 : Debug: main: log_auth_badpass = no Fri Dec 3 10:38:47 2004 : Debug: main: log_auth_goodpass = no Fri Dec 3 10:38:47 2004 : Debug: main: pidfile = /usr/local/var/run
auth from cisco to freeradius msql
Hi list I'm in the process of setting up my first radius server. Radius starts ok and auths with radtest but from cisco it does not. I'm running Fedora Core 2 with freeradius ver 1.0.1 using cisco 1601 (testing) here is the cisco setup followed by radius radiusd -f startup then when I try and authenticate in debug mode. - aaa new-model aaa authentication login default group radius none aaa authentication login none none aaa authentication login unilynx local aaa authentication login consoleport none aaa authentication ppp default group radius none aaa authentication ppp unilynx-radius group radius local aaa authentication ppp radppp if-needed group radius aaa authorization network default group radius aaa accounting update newinfo aaa accounting network default wait-start group radius ip radius source-interface Loopback0 snmp-server engineID local 0009020142062DED snmp-server community public RO 97 radius-server host 192.168.2.254 auth-port 1812 acct-port 1813 non-standard radius-server retransmit 2 radius-server timeout 8 radius-server deadtime 2 radius-server key password --- Fri Dec 3 10:38:47 2004 : Info: Starting - reading configuration files ... Fri Dec 3 10:38:47 2004 : Debug: reread_config: reading radiusd.conf Fri Dec 3 10:38:47 2004 : Debug: Config: including file: /usr/local/etc/raddb/proxy.conf Fri Dec 3 10:38:47 2004 : Debug: Config: including file: /usr/local/etc/raddb/clients.conf Fri Dec 3 10:38:47 2004 : Debug: Config: including file: /usr/local/etc/raddb/snmp.conf Fri Dec 3 10:38:47 2004 : Debug: Config: including file: /usr/local/etc/raddb/sql.conf Fri Dec 3 10:38:47 2004 : Debug: main: prefix = /usr/local Fri Dec 3 10:38:47 2004 : Debug: main: localstatedir = /usr/local/var Fri Dec 3 10:38:47 2004 : Debug: main: logdir = /usr/local/var/log/radius Fri Dec 3 10:38:47 2004 : Debug: main: libdir = /home/temp/freeradius/freeradius-1.0.1/src/modules Fri Dec 3 10:38:47 2004 : Debug: main: radacctdir = /usr/local/var/log/radius/radacct Fri Dec 3 10:38:47 2004 : Debug: main: hostname_lookups = no Fri Dec 3 10:38:47 2004 : Debug: main: max_request_time = 30 Fri Dec 3 10:38:47 2004 : Debug: main: cleanup_delay = 5 Fri Dec 3 10:38:47 2004 : Debug: main: max_requests = 1024 Fri Dec 3 10:38:47 2004 : Debug: main: delete_blocked_requests = 0 Fri Dec 3 10:38:47 2004 : Debug: main: port = 0 Fri Dec 3 10:38:47 2004 : Debug: main: allow_core_dumps = no Fri Dec 3 10:38:47 2004 : Debug: main: log_stripped_names = no Fri Dec 3 10:38:47 2004 : Debug: main: log_file = /usr/local/var/log/radius/radius.log Fri Dec 3 10:38:47 2004 : Debug: main: log_auth = no Fri Dec 3 10:38:47 2004 : Debug: main: log_auth_badpass = no Fri Dec 3 10:38:47 2004 : Debug: main: log_auth_goodpass = no Fri Dec 3 10:38:47 2004 : Debug: main: pidfile = /usr/local/var/run/radiusd/radiusd.pid Fri Dec 3 10:38:47 2004 : Debug: main: user = (null) Fri Dec 3 10:38:47 2004 : Debug: main: group = (null) Fri Dec 3 10:38:47 2004 : Debug: main: usercollide = no Fri Dec 3 10:38:47 2004 : Debug: main: lower_user = no Fri Dec 3 10:38:47 2004 : Debug: main: lower_pass = no Fri Dec 3 10:38:47 2004 : Debug: main: nospace_user = no Fri Dec 3 10:38:47 2004 : Debug: main: nospace_pass = no Fri Dec 3 10:38:47 2004 : Debug: main: checkrad = /usr/local/sbin/checkrad Fri Dec 3 10:38:47 2004 : Debug: main: proxy_requests = yes Fri Dec 3 10:38:47 2004 : Debug: proxy: retry_delay = 5 Fri Dec 3 10:38:47 2004 : Debug: proxy: retry_count = 3 Fri Dec 3 10:38:47 2004 : Debug: proxy: synchronous = no Fri Dec 3 10:38:47 2004 : Debug: proxy: default_fallback = no Fri Dec 3 10:38:47 2004 : Debug: proxy: dead_time = 120 Fri Dec 3 10:38:47 2004 : Debug: proxy: post_proxy_authorize = no Fri Dec 3 10:38:47 2004 : Debug: proxy: wake_all_if_all_dead = no Fri Dec 3 10:38:47 2004 : Debug: security: max_attributes = 200 Fri Dec 3 10:38:47 2004 : Debug: security: reject_delay = 1 Fri Dec 3 10:38:47 2004 : Debug: security: status_server = no Fri Dec 3 10:38:47 2004 : Debug: main: debug_level = 0 Fri Dec 3 10:38:47 2004 : Debug: read_config_files: reading dictionary Fri Dec 3 10:38:47 2004 : Debug: read_config_files: reading naslist Fri Dec 3 10:38:47 2004 : Info: Using deprecated naslist file. Support for this will go away soon. Fri Dec 3 10:38:47 2004 : Debug: read_config_files: reading clients Fri Dec 3 10:38:47 2004 : Info: Using deprecated clients file. Support for this will go away soon. Fri Dec 3 10:38:47 2004 : Debug: read_config_files: reading realms Fri Dec 3 10:38:47 2004 : Info: Using deprecated realms file. Support for this will go away soon. Fri Dec 3 10:38:47 2004 : Debug: radiusd: entering modules setup Fri Dec 3 10:38:47 2004 : Debug: Module: