[Help-gnu-radius] radius server not listening
From: Joost De Cock
Subject: [Help-gnu-radius] radius server not listening
Date: Tue, 22 Apr 2003 11:29:38 +0200
User-agent: KMail/1.5

Hello all,

I'm trying to set up a radius server with LDAP backend for central
authentication of our Cisco routers.

I followed the documentation to set up the server and when running radauth
locally with an LDAP user it returns 'PASS'.

However, when connecting from a router, things don't work out. Sniffing on the
machine that has the radius server on it (a RedHat 8.0 box) shows that the
request arrives but gets answered with an ICMP destination unreachable
message.

I figured this must be 'cause I didn't configure my radius server to accept
requests from the router. I reviewed the configuration, but it seems ok.
Furthermore, running nmap against the radius server doesn't show the radius
port to be listening. radiusd is there when I do ps -A | grep radius.

What can I double-check to make sure my radius server is listening to my
router?

I have no 'listen' in config, so that it listens to 'all'.
This is what my config looks like:

======= config ==========
option {
usr2delay 30;
max-requests 127;
exec-program-user "daemon";
log-dir "/var/log";
acct-dir "/var/acct";
};
logging {
channel info {
file "radius.info";
print-pid yes; # Output pid along with the diagnostics
print-cons yes; # Duplicate output to /dev/console
print-level yes; # Output severity level description
};
channel notice {
port 1645;
spawn yes;
max-requests 127;
time-to-live 25;
request-cleanup-delay 10;
detail yes;
strip-names yes;
checkrad-assume-logged yes;
password-expire-warning 1440;
compare-attribute-flag 1;
};
acct {
port 1646;
spawn yes;
detail yes;
max-requests 24;
detail yes;
max-requests 24;
time-to-live 60;
request-cleanup-delay 10;
compare-attribute-flag 1;
};
message {
account-closed "Sorry, your account is currently closed\r\n";
password-expired "Password Has Expired\r\n";
password-expire-warning
"Password Will Expire in %R{Password-Expire-Days} Days\r\n";
access-denied "\r\nAccess denied\r\n";
realm-quota "\r\nRealm quota exceeded - access denied\r\n";
multiple-login
"\r\nYou are already logged in %R{Simultaneous-Use} times - access denied\r\n";
second-login "\r\nYou are already logged in - access denied\r\n";
timespan-violation "You are connecting outside your allowed timespan\r\n";
};
======= config ==========
Any pointers would be greatly appreciated :)
Joost