Received a response to a request we did not send errors
I'm using radclient to talk to an IAS server. I'm attempting to pass on a request to it from an exec script. I've succeeded in restoring the case and punctuation of the attributes. Here's what I'm passing to standard input of radclient: Microsoft-Attr-34 = 0x4d535241532d302d585050524f4d4f42494c4531 Tunnel-Type = PPTP Framed-Protocol = PPP NAS-Port-Type = Virtual MS-RAS-Version = MSRASV5.20 Acct-Session-Id = 203 Message-Authenticator = 0xe848bbe7a5a6f3f92400d89dfa5e2794 NAS-Port = 129 Microsoft-Attr-35 = 0x4d5352415356352e3130 MS-CHAP-Challenge = 0xb53e318b12a8363fa7ebb1afd1082680 MS-CHAP2-Response = 0xe3007644c30f09db8a529c1612804fc468d0fc a5245c393846cf337403f3958494bfaa5d4f79759e NAS-IP-Address = 192.168.2.2226 Service-Type = Framed-User Tunnel-Client-Endpoint = 192.168.2.242 Calling-Station-Id = 192.168.2.242 User-Name = salesperson1 MS-RAS-Vendor = 311 Tunnel-Medium-Type = IP I have tried replacing NAS-IP-Address with the IP of the FreeRADIUS server running radclient. And I have tried leaving it alone. Either way, I get the same error from radclient: radclient: received response to request we did not send. Followed by: radclient: no response from server for ID 58 I think I'm quite close here, but I have no idea how to get past this one. I've got one more day, roughly, to make this work. After that, we'll have to step down to writing about a much less interesting VPN solution without FreeRADIUS and without the cross-realm cleverness. My editors tell me I don't get infinite time to play with this, no matter how cool it is. (: (The server name and shared secret are correct.) Any help? Thank you! -- Thomas Boutell Boutell.Com, Inc. http://www.boutell.com/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Received a response to a request we did not send errors
Thomas Boutell [EMAIL PROTECTED] wrote: I have tried replacing NAS-IP-Address with the IP of the FreeRADIUS server running radclient. And I have tried leaving it alone. Either way, I get the same error from radclient: radclient: received response to request we did not send. The NAS-IP-Address is information, and means little or nothing. The error message means that radclient is sending packets to one IP address, and receiving the response from another. I've got one more day, roughly, to make this work. After that, we'll have to step down to writing about a much less interesting VPN solution without FreeRADIUS and without the cross-realm cleverness. My editors tell me I don't get infinite time to play with this, no matter how cool it is. (: I understand. But I'm not sure you could easily get this working with many other RADIUS servers. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Received a response to a request we did not send errors
Alan DeKok wrote: Different IP addresses That darn host has multiple IPs and likes to respond... creatively. I think that's the issue. Making headway again now. Thanks. I'm thinking I should be able to use configurable_failover between the built-in ntlm_auth (for the local Samba domain) and the custom script (to proxy things to the other NT domain). The less custom scripting I do here, the better. -- Thomas Boutell Boutell.Com, Inc. http://www.boutell.com/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Received a response to a request we did not send errors
Thomas Boutell [EMAIL PROTECTED] wrote: I'm thinking I should be able to use configurable_failover between the built-in ntlm_auth (for the local Samba domain) and the custom script (to proxy things to the other NT domain). That should work. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html