Re : Re: Re : Re: Re : Re: Freeradius2 configuration challenges ( Binding IP address failure of radtest
Thanks John for being so helpful ! I will try to check evrything and review the recommended website Have a great day ! Al - Message d'origine - De: John Dennis jden...@redhat.com Date: Vendredi, 16 Octobre 2009, 8:02 Objet: Re: Re : Re: Re : Re: Freeradius2 configuration challenges ( Binding IP address failure of radtest À: FreeRadius users mailing list freeradius-users@lists.freeradius.org On 10/15/2009 10:22 PM, adai...@vl.videotron.ca wrote: Hi Everyone I think I am getting ahead but now I got the following error: [pap] WARNING! No known good password found for the user. Authentication may fail because of this. ++[pap] returns noop No authenticate method (Auth-Type) configuration found for the request: Rejecting the user Failed to authenticate the user. I was just trying to setup PAP (testuser) on the radius Would you know what the error could be ? You have to configure FreeRADIUS to tell it where to find users and their passwords. Are they in the FreeRADIUS users file? Are they system users with login accounts? Are they in an ldap directory? Are they in a SQL database? If you're trying to just confirm PAP is working then have you read and followed the example here: http://deployingradius.com/documents/configuration/pap.html BTW, deployingradius.com is the only other web site besides the FreeRADIUS site and it's wiki that is recommended because it's run by Alan DeKok the principal developer of FreeRADIUS. Other web sites tend to have out of date information or erroneous information. Also, note that the users file is read upon server start up, if you modify the users file (or any other file read by the server) you'll have to restart the server to see the change. There are other ways to get the server to reload it's files but since you're new to this we're going to keep it simple. As a side note, one advantage of using LDAP or SQL as your backend data source is you can add, remove, and edit the data in the backend and the FreeRADIUS server will immediately see the change without having to do anything special, thus you can immediately see one disadvantage of user data stored in files as opposed to a dynamic backend. -- John Dennis jden...@redhat.com Looking to carve out IT costs? www.redhat.com/carveoutcosts/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re : Re: Re : Re: Freeradius2 configuration challenges ( Binding IP address failure of radtest
Hi Everyone I think I am getting ahead but now I got the following error: [pap] WARNING! No known good password found for the user. Authentication may fail because of this. ++[pap] returns noop No authenticate method (Auth-Type) configuration found for the request: Rejecting the user Failed to authenticate the user. I was just trying to setup PAP (testuser) on the radius Would you know what the error could be ? Thx - Message d'origine - De: adai...@vl.videotron.ca Date: Mercredi, 14 Octobre 2009, 21:16 Objet: Re : Re: Re : Re: Freeradius2 configuration challenges ( Binding IP address failure of radtest À: FreeRadius users mailing list freeradius-users@lists.freeradius.org Thanks John for your patience ! I appreciate your explanation and will double check everything Al - Message d'origine - De: John Dennis jden...@redhat.com Date: Mercredi, 14 Octobre 2009, 16:19 Objet: Re: Re : Re: Freeradius2 configuration challenges ( Binding IP address failure of radtest À: FreeRadius users mailing list freeradius- us...@lists.freeradius.org On 10/14/2009 03:45 PM, adai...@vl.videotron.ca wrote: Thanks John for the quick reply on my questions, I already checked on Red_Hat_FAQ and I have not seen any answers to my challenges ! Did you read the section How do I start and stop the FreeRADIUS service? Because it's obvious you've got two radius servers running. You can't have the radius server running as a daemon *and* run another copy in the foreground with -X. If you want to run a copy in the foreground you *must* stop any existing copies from running first. The only way you can have another copy running is if you enabled the service for boot start up with chkconfig or manually started it with /usr/sbin/service or your manually executed /usr/sbin/radiusd. -- John Dennis jden...@redhat.com Looking to carve out IT costs? www.redhat.com/carveoutcosts/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Freeradius2 configuration challenges ( Binding IP address failure of radtest
Hello I am new with FreeRadius and trying to get Freeradius2, version 2.1.7 running on top of CentOS , to do a simple test with WLAN users. First off all, I am not able to configure the raduis server with an IP address . I am getting the following message: [r...@localhost Alain]# /usr/sbin/radiusd -i 192.168.1.123 -p 1812 -X FreeRADIUS Version 2.1.7, for host i386-redhat-linux-gnu, built on Sep 18 2009 at 10:59:17 radiusd: Opening IP addresses and Ports Failed binding to authentication address 192.168.1.123 port 1812: Cannot assign requested address There appears to be another RADIUS server running on the authentication port 1812 Second when I leave 127.0.0.1 in the radiusd.conf file and I use localhost. I get the following message doing a radtest : [r...@localhost Alain]# radtest steve testing localhost 1812 testing123 Sending Access-Request of id 170 to 127.0.0.1 port 1812 User-Name = steve User-Password = testing NAS-IP-Address = 127.0.0.1 NAS-Port = 1812 rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=170, length=20 The following is what appear on the radiusd debug screen: [pap] WARNING! No known good password found for the user. Authentication may fail because of this. ++[pap] returns noop No authenticate method (Auth-Type) configuration found for the request: Rejecting the user Thanks for your help ! Al - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re : Re: Freeradius2 configuration challenges ( Binding IP address failure of radtest
Thanks John for the quick reply on my questions, I already checked on Red_Hat_FAQ and I have not seen any answers to my challenges ! Regards Alain - Message d'origine - De: John Dennis jden...@redhat.com Date: Mercredi, 14 Octobre 2009, 13:20 Objet: Re: Freeradius2 configuration challenges ( Binding IP address failure of radtest À: FreeRadius users mailing list freeradius-users@lists.freeradius.org On 10/14/2009 12:42 PM, adai...@vl.videotron.ca wrote: Hello I am new with FreeRadius and trying to get Freeradius2, version 2.1.7 running on top of CentOS , to do a simple test with WLAN users. First off all, I am not able to configure the raduis server with an IP address . Please follow the instructions at: http://wiki.freeradius.org/Red_Hat_FAQ You'll be much happier :-) If you're getting address already in use error then you've already got a radius server instance running, fix that problem, then follow the instructions. -- John Dennis jden...@redhat.com Looking to carve out IT costs? www.redhat.com/carveoutcosts/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re : Re: Freeradius2 configuration challenges ( Binding IP address failure of radtest
Thanks Alan for your insights, but I am running only one radius server. Could it be because I am running it on top of VMWare workstation ?Yes, I did follow the FAQ ...Regards- Message d'origine -De: Alan DeKok al...@deployingradius.comDate: Mercredi, 14 Octobre 2009, 15:45Objet: Re: Freeradius2 configuration challenges ( Binding IP address failure of radtestÀ: FreeRadius users mailing list freeradius-users@lists.freeradius.org adai...@vl.videotron.ca wrote: First off all, I am not able to configure the raduis server with an IP address .I am getting the following message: ... radiusd: Opening IP addresses and Ports Failed binding to authentication address 192.168.1.123 port 1812: Cannot assign requested address There appears to be another RADIUS server running on the authentication port 1812 Yes... because there's another RADIUS server unning. You can't have two servers listening on the same port. Second when I leave 127.0.0.1 in the radiusd.conf file and I use localhost. I get the following message doing a radtest :[r...@localhost Alain]# radtest steve testing localhost 1812 testing123 Sending Access-Request of id 170 to 127.0.0.1 port 1812 User-Name = "steve" User-Password = "testing" NAS-IP-Address = 127.0.0.1 NAS-Port = 1812 rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=170, length=20 The following is what appear on the radiusd debug screen:[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop No authenticate method (Auth-Type) configuration found for the request: Rejecting the userDid you follow the FAQ? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re : Re: Re : Re: Freeradius2 configuration challenges ( Binding IP address failure of radtest
Thanks John for your patience ! I appreciate your explanation and will double check everything Al - Message d'origine - De: John Dennis jden...@redhat.com Date: Mercredi, 14 Octobre 2009, 16:19 Objet: Re: Re : Re: Freeradius2 configuration challenges ( Binding IP address failure of radtest À: FreeRadius users mailing list freeradius-users@lists.freeradius.org On 10/14/2009 03:45 PM, adai...@vl.videotron.ca wrote: Thanks John for the quick reply on my questions, I already checked on Red_Hat_FAQ and I have not seen any answers to my challenges ! Did you read the section How do I start and stop the FreeRADIUS service? Because it's obvious you've got two radius servers running. You can't have the radius server running as a daemon *and* run another copy in the foreground with -X. If you want to run a copy in the foreground you *must* stop any existing copies from running first. The only way you can have another copy running is if you enabled the service for boot start up with chkconfig or manually started it with /usr/sbin/service or your manually executed /usr/sbin/radiusd. -- John Dennis jden...@redhat.com Looking to carve out IT costs? www.redhat.com/carveoutcosts/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
