Discussion:
A question about port 1646
Andreas Meyer
2004-11-15 09:51:49 UTC
Permalink
Hello!

Very new to freeradius (and RADIUS) I have a question about accounting.
I compiled and installed freeradius-1.0.1 on a SuSE8.2.

If I enable accounting in acct_users
DEFAULT Acct-Status-Type == Start
DEFAULT Acct-Status-Type == Stop
I find in /var/log/messages the following:

radacct[23153]: rc_send_server: no reply from RADIUS server localhost:1646
radacct[23153]: accounting FAILED, type Start, username andreas, service Login-Use

I then made an entry in radiusd.conf:
listen {
ipaddr = *
port = 1646
type = acct
}

When I now do a radlogin I get some duplicate entries:

Linux 2.4.20-4GB-athlon (gamma) (port 2)
-----------------------------------------------------

login: andreas
Password:
RADIUS: Authentication OK
Starting.
RADIUS_SERVICE_TYPE = Login-User
RADIUS_USER_NAME = andreas
RADIUS_LOGIN_IP_HOST = 192.168.1.3
RADIUS_LOGIN_SERVICE = Telnet
RADIUS accounting OK
Running /usr/bin/telnet 192.168.1.3
RADIUS accounting OK
Running /usr/bin/telnet 192.168.1.3
Trying 192.168.1.3...
Connected to 192.168.1.3.
Escape character is '^]'.
Trying 192.168.1.3...
Connected to 192.168.1.3.
Escape character is '^]'.
Welcome to SuSE Linux 8.2 (i586) - Kernel 2.4.20-4GB-athlon (3).
Welcome to SuSE Linux 8.2 (i586) - Kernel 2.4.20-4GB-athlon (4).

gamma login:
gamma login:


Why is that so? I tried changing the ports in /etc/services without
success. Is there another way to tell freeradius to take port 1813
for accounting?


Thank you!
--
Andreas Meyer

"We only do well the things we like doing." - Colette

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Yyc
2004-11-15 11:09:14 UTC
Permalink
I think it might caused by criston radius server which attached in SuSE.
you can check Linux service port under /etc.
1812 1813 1814 is for freeradius

Regards
Yyc
---------------------------------------------------------------
And the vision that was planted in my brain.
Still remains with the sound of silence.
----- Original Message -----
From: "Andreas Meyer" <***@gmx.net>
To: <freeradius-***@lists.freeradius.org>
Sent: Monday, November 15, 2004 5:51 PM
Subject: A question about port 1646
Post by Andreas Meyer
Hello!
Very new to freeradius (and RADIUS) I have a question about accounting.
I compiled and installed freeradius-1.0.1 on a SuSE8.2.
If I enable accounting in acct_users
DEFAULT Acct-Status-Type == Start
DEFAULT Acct-Status-Type == Stop
radacct[23153]: rc_send_server: no reply from RADIUS server localhost:1646
radacct[23153]: accounting FAILED, type Start, username andreas, service Login-Use
listen {
ipaddr = *
port = 1646
type = acct
}
Linux 2.4.20-4GB-athlon (gamma) (port 2)
-----------------------------------------------------
login: andreas
RADIUS: Authentication OK
Starting.
RADIUS_SERVICE_TYPE = Login-User
RADIUS_USER_NAME = andreas
RADIUS_LOGIN_IP_HOST = 192.168.1.3
RADIUS_LOGIN_SERVICE = Telnet
RADIUS accounting OK
Running /usr/bin/telnet 192.168.1.3
RADIUS accounting OK
Running /usr/bin/telnet 192.168.1.3
Trying 192.168.1.3...
Connected to 192.168.1.3.
Escape character is '^]'.
Trying 192.168.1.3...
Connected to 192.168.1.3.
Escape character is '^]'.
Welcome to SuSE Linux 8.2 (i586) - Kernel 2.4.20-4GB-athlon (3).
Welcome to SuSE Linux 8.2 (i586) - Kernel 2.4.20-4GB-athlon (4).
Why is that so? I tried changing the ports in /etc/services without
success. Is there another way to tell freeradius to take port 1813
for accounting?
Thank you!
--
Andreas Meyer
"We only do well the things we like doing." - Colette
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Andreas Meyer
2004-11-15 13:55:57 UTC
Permalink
Post by Yyc
I think it might caused by criston radius server which attached in SuSE.
you can check Linux service port under /etc.
1812 1813 1814 is for freeradius
As I said, I am using Version 1.0.1 of freeradius, compiled with options
./configure --localstatedir=/var --sysconfdir=/etc

Do you say if I don't use this options for compiling the thing, radacct wil
look at port 1813?
I already tried editing /etc/services without success.


OK, I configured with ./configure, make, make install and radacct
still is trying to connect on port 1646.
Edited /etc/services again with port radius-acct 1646/tcp 1646/udp
with no luck.

sigh... :(

Any way to tell radacct to look for port 1813 or should I start radiusd
with the old ports? But how?
--
Andreas Meyer

"We only do well the things we like doing." - Colette

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Alan DeKok
2004-11-15 17:57:54 UTC
Permalink
Post by Andreas Meyer
If I enable accounting in acct_users
DEFAULT Acct-Status-Type == Start
DEFAULT Acct-Status-Type == Stop
That doesn't enable accounting. It doesn't do anything.

Accounting is enabled by default.
Post by Andreas Meyer
listen {
ipaddr = *
port = 1646
Why not just edit the "port" directive? Set "port=1645", and
accounting will use "1646".
...

From the client. I suggest asking the people who wrote the client
what's going wrong with their client.
Post by Andreas Meyer
Why is that so? I tried changing the ports in /etc/services without
success. Is there another way to tell freeradius to take port 1813
for accounting?
Do you want 1646 or 1813?

Alan DeKok.

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Andreas Meyer
2004-11-15 20:37:59 UTC
Permalink
Post by Alan DeKok
Post by Andreas Meyer
If I enable accounting in acct_users
DEFAULT Acct-Status-Type == Start
DEFAULT Acct-Status-Type == Stop
That doesn't enable accounting. It doesn't do anything.
Accounting is enabled by default.
ah, didn't know that.
Post by Alan DeKok
Post by Andreas Meyer
listen {
ipaddr = *
port = 1646
Why not just edit the "port" directive? Set "port=1645", and
accounting will use "1646".
OK, this works. Unfortunatly I get this double entries from the client.
Post by Alan DeKok
...
From the client. I suggest asking the people who wrote the client
what's going wrong with their client.
urgl, ok I'll see what I can do.
Post by Alan DeKok
Post by Andreas Meyer
Why is that so? I tried changing the ports in /etc/services without
success. Is there another way to tell freeradius to take port 1813
for accounting?
Do you want 1646 or 1813?
I wanted to use ports 1812 and 1813. If I set port=0 in radiusd.conf, radacct
wants to connect to 1646 although I edited /etc/services to use 1813 for
radius-acct. Same when I set port=1812, radacct wants to connect to 1646.

So I guess the only solution for using accouting is using the old ports.
--
Andreas Meyer

"We only do well the things we like doing." - Colette

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Alan DeKok
2004-11-15 22:40:33 UTC
Permalink
Post by Andreas Meyer
I wanted to use ports 1812 and 1813. If I set port=0 in radiusd.conf, radacct
wants to connect to 1646 although I edited /etc/services to use 1813 for
radius-acct.
I suggest finding out why that's happening. It does NOT happen in a
normal configuration, so something's wrong with your system.
Post by Andreas Meyer
Same when I set port=1812, radacct wants to connect to 1646.
FreeRADIUS just doesn't work that way. If you set "port = 1812",
then it listens for authentication on port 1812, and accounting on
port 1813.

Unless.. did you set "port = 1812" AND leave the "listen" directive
in there? That might explain why the server is listening on 1646: you
told it to listen on that port.

Please ensure that you haven't configured the server to listen on
port 1646. You say you don't want to have it listen on 1646, so make
SURE it's not listening on 1646.

Alan DeKok.


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Andreas Meyer
2004-11-16 12:43:02 UTC
Permalink
Post by Alan DeKok
Post by Andreas Meyer
I wanted to use ports 1812 and 1813. If I set port=0 in radiusd.conf, radacct
wants to connect to 1646 although I edited /etc/services to use 1813 for
radius-acct.
I suggest finding out why that's happening. It does NOT happen in a
normal configuration, so something's wrong with your system.
Post by Andreas Meyer
Same when I set port=1812, radacct wants to connect to 1646.
FreeRADIUS just doesn't work that way. If you set "port = 1812",
then it listens for authentication on port 1812, and accounting on
port 1813.
Did some tests again. I set port = 0 in radiusd.conf and /etc/services
looks like this:

radius 1812/tcp # RADIUS
radius 1812/udp # RADIUS
radius-acct 1813/tcp # RADIUS Accounting
radius-acct 1813/udp # RADIUS Accounting

In /var/log/messages with radlogin I get:
Nov 16 12:55:30 gamma radlogin[12894]: rc_map2id: can't find tty /dev/pts/1 in map database
Nov 16 12:55:35 gamma radlogin[12894]: authentication OK, username andreas, service Login-User
Nov 16 12:55:35 gamma radacct[12916]: rc_map2id: can't find tty /dev/pts/1 in map database
Nov 16 12:56:05 gamma radacct[12916]: rc_send_server: no reply from RADIUS server localhost:1646
Nov 16 12:56:05 gamma radacct[12916]: accounting FAILED, type Start, username andreas, service Login-User
Nov 16 12:56:05 gamma radacct[13030]: rc_map2id: can't find tty /dev/pts/1 in map database

No "listen" directive involved in radiusd.conf.

# netstat -pantu |grep radius
udp 0 0 0.0.0.0:1812 0.0.0.0:* 12854/radiusd
udp 0 0 0.0.0.0:1813 0.0.0.0:* 12854/radiusd
udp 0 0 0.0.0.0:1814 0.0.0.0:* 12854/radiusd


I then set port = 1812 in radiusd.conf and the same /etc/services.
No "listen" directive involved in radiusd.conf.

Nov 16 13:06:49 gamma radlogin[15588]: authentication OK, username andreas, service Login-User
Nov 16 13:07:19 gamma radacct[15614]: rc_send_server: no reply from RADIUS server localhost:1646
Nov 16 13:07:19 gamma radacct[15614]: accounting FAILED, type Start, username andreas, service Login-User
Nov 16 13:07:49 gamma radacct[15732]: rc_send_server: no reply from RADIUS server localhost:1646
Nov 16 13:07:49 gamma radacct[15732]: accounting FAILED, type Start, username andreas, service Login-User
Nov 16 13:09:19 gamma radacct[16075]: rc_send_server: no reply from RADIUS server localhost:1646
Nov 16 13:09:19 gamma radacct[16075]: accounting FAILED, type Stop, username andreas, service Login-User

# netstat -pantu |grep radius
udp 0 0 0.0.0.0:1812 0.0.0.0:* 14641/radiusd
udp 0 0 0.0.0.0:1813 0.0.0.0:* 14641/radiusd
udp 0 0 0.0.0.0:1814 0.0.0.0:* 14641/radiusd


I then set port = 1645 in radiusd.conf

# netstat -pantu |grep radius
udp 0 0 0.0.0.0:1645 0.0.0.0:* 21010/radiusd
udp 0 0 0.0.0.0:1646 0.0.0.0:* 21010/radiusd
udp 0 0 0.0.0.0:1647 0.0.0.0:* 21010/radiusd

and with radlogin I get:

Nov 16 13:33:18 gamma radlogin[21938]: authentication OK, username andreas, service Login-User
Nov 16 13:33:18 gamma radacct[21960]: accounting OK, type Start, username andreas, service Login-User
Nov 16 13:33:18 gamma radacct[21966]: accounting OK, type Start, username andreas, service Login-User
Nov 16 13:34:18 gamma radacct[22199]: accounting OK, type Stop, username andreas, service Login-User



I found another strange behaviour. Configured freeradius with "./configure"
"make" and su "make install".
Logging is done in /var/log/radius and raddb is in /usr/local/etc.

when I start "radiusd -X" I get the following:

gamma:/var/log # /usr/local/sbin/radiusd -X
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /etc/raddb/proxy.conf
/usr/local/etc/raddb/radiusd.conf[429]: Unable to open file "/etc/raddb/proxy.conf": No such file or directory
Errors reading radiusd.conf

In radiusd.conf I have:

prefix = /usr/local
exec_prefix = ${prefix}
sysconfdir = /etc
localstatedir = /var
sbindir = ${exec_prefix}/sbin
logdir = ${localstatedir}/log/radius
raddbdir = ${sysconfdir}/raddb
radacctdir = ${logdir}/radacct

# Location of config and logfiles.
confdir = ${raddbdir}
run_dir = ${localstatedir}/run/radiusd

...
proxy_requests = yes
$INCLUDE ${confdir}/proxy.conf

Very confusing!

So I copied the whole directory /usr/local/raddb over to /etc.
Nevertheless configuration must be done in /usr/local/etc/raddb.
Post by Alan DeKok
Unless.. did you set "port = 1812" AND leave the "listen" directive
in there? That might explain why the server is listening on 1646: you
told it to listen on that port.
Please ensure that you haven't configured the server to listen on
port 1646. You say you don't want to have it listen on 1646, so make
SURE it's not listening on 1646.
In the above tests there was never a "listen" directive involved.


Thanks for your patience! This radiusthing is a beast.
--
Andreas Meyer

"We only do well the things we like doing." - Colette

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Alan DeKok
2004-11-16 15:25:37 UTC
Permalink
Post by Andreas Meyer
Did some tests again. I set port = 0 in radiusd.conf and /etc/services
radius 1812/tcp # RADIUS
That's nice. What ports does the server say it's listening on when
you run it in debugging mode?
Post by Andreas Meyer
# netstat -pantu |grep radius
See comments above.
Post by Andreas Meyer
I then set port = 1645 in radiusd.conf
Yes... the client has been telling you it's sending to port 1646.
It's important, therefore, to configure FreeRADIUS to listen on that port.
Post by Andreas Meyer
Nov 16 13:33:18 gamma radlogin[21938]: authentication OK, username andreas, service Login-User
Nov 16 13:33:18 gamma radacct[21960]: accounting OK, type Start, username andreas, service Login-User
...

I'm not sure why you think this information is important. How does
having this information help solve your problem?
Post by Andreas Meyer
found another strange behaviour. Configured freeradius with "./configure"
"make" and su "make install".
Logging is done in /var/log/radius and raddb is in /usr/local/etc.
gamma:/var/log # /usr/local/sbin/radiusd -X
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /etc/raddb/proxy.conf
/usr/local/etc/raddb/radiusd.conf[429]: Unable to open file "/etc/raddb/proxy.conf": No such file or directory
Ok...
Post by Andreas Meyer
prefix = /usr/local
exec_prefix = ${prefix}
sysconfdir = /etc
localstatedir = /var
sbindir = ${exec_prefix}/sbin
logdir = ${localstatedir}/log/radius
raddbdir = ${sysconfdir}/raddb
The files are in /etc/raddb. That's what the above quote says.
Post by Andreas Meyer
Logging is done in /var/log/radius and raddb is in /usr/local/etc.
This disagrees with what's in the configuration file: "raddbdir=/etc/raddb"

Which is correct? Why do you have two "raddb" directories?

The "make" and "make install" process install everything in one
place. If the server is looking in two different directories for
configuration files, then it's because you edited the configuration
files to tell it to do that.

Alan DeKok.

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Andreas Meyer
2004-11-16 16:39:49 UTC
Permalink
Post by Alan DeKok
Post by Andreas Meyer
radius 1812/tcp # RADIUS
That's nice. What ports does the server say it's listening on when
you run it in debugging mode?
I made a fresh install. Debugging mode says this:

Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /usr/local/etc/raddb/proxy.conf
Config: including file: /usr/local/etc/raddb/clients.conf
Config: including file: /usr/local/etc/raddb/snmp.conf
Config: including file: /usr/local/etc/raddb/eap.conf
Config: including file: /usr/local/etc/raddb/sql.conf
main: prefix = "/usr/local"
main: localstatedir = "/usr/local/var"
main: logdir = "/usr/local/var/log/radius"
main: libdir = "/usr/local/lib"
main: radacctdir = "/usr/local/var/log/radius/radacct"
main: hostname_lookups = no
main: snmp = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = "/usr/local/var/log/radius/radius.log"
main: log_auth = no
main: log_auth_badpass = no
main: log_auth_goodpass = no
main: pidfile = "/usr/local/var/run/radiusd/radiusd.pid"
main: user = "(null)"
main: group = "(null)"
main: usercollide = no
main: lower_user = "no"
main: lower_pass = "no"
main: nospace_user = "no"
main: nospace_pass = "no"
main: checkrad = "/usr/local/sbin/checkrad"
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: post_proxy_authorize = yes
proxy: wake_all_if_all_dead = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
Using deprecated naslist file. Support for this will go away soon.
read_config_files: reading clients
read_config_files: reading realms
radiusd: entering modules setup
Module: Library search path is /usr/local/lib
Module: Loaded exec
exec: wait = yes
exec: program = "(null)"
exec: input_pairs = "request"
exec: output_pairs = "(null)"
exec: packet_type = "(null)"
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
pap: encryption_scheme = "crypt"
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
mschap: use_mppe = yes
mschap: require_encryption = no
mschap: require_strong = no
mschap: with_ntdomain_hack = no
mschap: passwd = "(null)"
mschap: authtype = "MS-CHAP"
mschap: ntlm_auth = "(null)"
Module: Instantiated mschap (mschap)
Module: Loaded System
unix: cache = no
unix: passwd = "(null)"
unix: shadow = "(null)"
unix: group = "(null)"
unix: radwtmp = "/usr/local/var/log/radius/radwtmp"
unix: usegroup = no
unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded eap
eap: default_eap_type = "md5"
eap: timer_expire = 60
eap: ignore_unknown_eap_types = no
eap: cisco_accounting_username_bug = no
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
gtc: challenge = "Password: "
gtc: auth_type = "PAP"
rlm_eap: Loaded and initialized type gtc
mschapv2: with_ntdomain_hack = no
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded preprocess
preprocess: huntgroups = "/usr/local/etc/raddb/huntgroups"
preprocess: hints = "/usr/local/etc/raddb/hints"
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
realm: format = "suffix"
realm: delimiter = "@"
realm: ignore_default = no
realm: ignore_null = no
Module: Instantiated realm (suffix)
Module: Loaded files
files: usersfile = "/usr/local/etc/raddb/users"
files: acctusersfile = "/usr/local/etc/raddb/acct_users"
files: preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users"
files: compat = "no"
Module: Instantiated files (files)
Module: Loaded Acct-Unique-Session-Id
acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
Module: Instantiated acct_unique (acct_unique)
Module: Loaded detail
detail: detailfile = "/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded radutmp
radutmp: filename = "/usr/local/var/log/radius/radutmp"
radutmp: username = "%{User-Name}"
radutmp: case_sensitive = yes
radutmp: check_with_nas = yes
radutmp: perm = 384
radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Listening on authentication *:1812
Listening on accounting *:1813
Listening on proxy *:1814
Ready to process requests.

When I do now a radlogin I get this in /var/log/messages:

Nov 16 17:24:59 gamma radlogin[6208]: authentication OK, username andreas, service Login-User
Nov 16 17:25:29 gamma radacct[6242]: rc_send_server: no reply from RADIUS server localhost:1646
Nov 16 17:25:29 gamma radacct[6242]: accounting FAILED, type Start, username andreas, service Login-User
Nov 16 17:25:59 gamma radacct[6365]: rc_send_server: no reply from RADIUS server localhost:1646
Nov 16 17:25:59 gamma radacct[6365]: accounting FAILED, type Start, username andreas, service Login-User
Nov 16 17:27:29 gamma radacct[6711]: rc_send_server: no reply from RADIUS server localhost:1646
Nov 16 17:27:29 gamma radacct[6711]: accounting FAILED, type Stop, username andreas, service Login-User

As far as I understand that, radacct is trying to connect to port 1646.
Of course I can configure freeradius with "port = 1645", then accounting
works.
The client I am using is using the /etc/services. I can tell the client
to use port 1645 with "radlogin -i 1645".
Post by Alan DeKok
Post by Andreas Meyer
prefix = /usr/local
exec_prefix = ${prefix}
sysconfdir = /etc
localstatedir = /var
sbindir = ${exec_prefix}/sbin
logdir = ${localstatedir}/log/radius
raddbdir = ${sysconfdir}/raddb
The files are in /etc/raddb. That's what the above quote says.
Post by Andreas Meyer
Logging is done in /var/log/radius and raddb is in /usr/local/etc.
This disagrees with what's in the configuration file: "raddbdir=/etc/raddb"
Which is correct? Why do you have two "raddb" directories?
The "make" and "make install" process install everything in one
place. If the server is looking in two different directories for
configuration files, then it's because you edited the configuration
files to tell it to do that.
My bad, I am sorry! obviously I edited the radiusd.conf to get the
logging in /var/log/radius. Everthing is default now.
--
Andreas Meyer

"We only do well the things we like doing." - Colette

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Michael J. Hartwick
2004-11-16 17:46:32 UTC
Permalink
On Tue, 16 Nov 2004 at 17:39 (+0100), Andreas Meyer wrote:

AM> Listening on authentication *:1812
AM> Listening on accounting *:1813
AM> Listening on proxy *:1814
AM> Ready to process requests.
AM>
AM> When I do now a radlogin I get this in /var/log/messages:
AM>
AM> Nov 16 17:24:59 gamma radlogin[6208]: authentication OK, username andreas, service Login-User
AM> Nov 16 17:25:29 gamma radacct[6242]: rc_send_server: no reply from RADIUS server localhost:1646
AM> Nov 16 17:25:29 gamma radacct[6242]: accounting FAILED, type Start, username andreas, service Login-User
AM> Nov 16 17:25:59 gamma radacct[6365]: rc_send_server: no reply from RADIUS server localhost:1646
AM> Nov 16 17:25:59 gamma radacct[6365]: accounting FAILED, type Start, username andreas, service Login-User
AM> Nov 16 17:27:29 gamma radacct[6711]: rc_send_server: no reply from RADIUS server localhost:1646
AM> Nov 16 17:27:29 gamma radacct[6711]: accounting FAILED, type Stop, username andreas, service Login-User
AM>
AM> As far as I understand that, radacct is trying to connect to port 1646.
AM> Of course I can configure freeradius with "port = 1645", then accounting
AM> works.
AM> The client I am using is using the /etc/services. I can tell the client
AM> to use port 1645 with "radlogin -i 1645".

I haven't really followed this thread, but if you look at the top
three lines you see that it is listening on 1812, 1813, and 1814 not
1645, and 1646 which radacct is trying to use. I don't remember
exactly when the standard ports for RADIUS changed to the 1812 and
1813 (not positive on 1814). You might try leaving the FreeRADIUS
install on 1812 and change radlogin to use 1812.

Now, if radlogin is using /etc/services you might verify that you had
the correct information in there. This is what I have on one machine
that works fine. It has been a while since I did that though.

radiusd 1812/udp # RADIUS
radacct 1813/udp # RADIUS Accounting

Michael

----------------------------------------------------------------------
Michael J. Hartwick, VE3SLQ ***@hartwick.com
Hartwick Communications Consulting (519) 396-7719
Kincardine, ON, CA http://www.hartwick.com
----------------------------------------------------------------------

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Andreas Meyer
2004-11-16 18:04:48 UTC
Permalink
Post by Michael J. Hartwick
I haven't really followed this thread, but if you look at the top
three lines you see that it is listening on 1812, 1813, and 1814 not
1645, and 1646 which radacct is trying to use. I don't remember
exactly when the standard ports for RADIUS changed to the 1812 and
1813 (not positive on 1814). You might try leaving the FreeRADIUS
install on 1812 and change radlogin to use 1812.
Now, if radlogin is using /etc/services you might verify that you had
the correct information in there. This is what I have on one machine
that works fine. It has been a while since I did that though.
radiusd 1812/udp # RADIUS
radacct 1813/udp # RADIUS Accounting
I am very sorry for all the confusion but I just found out that
radacct is not part of freeradius but part of the radiusclient I am
using.
And it seems that radacct is compiled to use port 1646.
My god, excuse my ignorance!

I am wondering if I can use freeradius to protect a subnetwork
when clients connect to a radiusclient over ethernet or WLAN.
--
Andreas Meyer

"We only do well the things we like doing." - Colette

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Continue reading on narkive:
Loading...