FreeRadius: No valid responses received
-
Hi,
I am trying to set up FreeRadius on my pfSense and I am following the simplest of examples here: https://docs.netgate.com/pfsense/en/latest/packages/freeradius-test.html
I have checked everything over and over again but it just does not work. I keep getting "Authentication Error" and the syslog shows (only) "diag_authentication.php: Error during RADIUS authentication : No valid RADIUS responses received."
I can't figure out for the life of me where I am making a mistake.
The manual doesn't say anything about it, but do I need to allow any traffic through the firewall (I am guessing not, as this is all happening on the localhost, but typically, when something doesn't work as expected, it most of the time is the firewall...)?
Any help appreciated!
Cheers
-
Try running radsniff -x via ssh.
-
That's the result (I can't see what the error is supposed to be):
2021-06-21 21:49:03.146541 (1) Access-Request Id 216 lo0:127.0.0.1:61525 -> 127.0.0.1:1812 +0.000 User-Name = "sensewolf" NAS-IP-Address = 192.168.3.1 Service-Type = Login-User Called-Station-Id = "00:0d:b9:4e:de:9e:pfSense" NAS-Identifier = "pfSense" MS-CHAP-Challenge = 0x8178256ef7a0414d4c0dbb5bdd4edfb1 MS-CHAP2-Response = 0x0101903de86fefd8bbd865f6c73ce8e7928f0000000000000000f8dd26817ea2f8ce5b1ce003f4b21294784d38977ab83ee7 Authenticator-Field = 0x63e2851653a79e8b43f7d33e29c9d681This happens three times and then I get the "authentication error".
-
@sensewolf Have you added 127.0.0.1 as a NAS client, if you’re trying the test from pfsense.
Also have you added Class := "admins" as a reply-item.
-
I did everything the manual says.
So I did add 127.0.0.1 as a NAS/client.
And I did not add Class := "admins" as a reply-item. I tried now but it does not change the result. Still getting "Authentication error". And radsnitch produces the same (type of) output.
But thank you for the suggestion.
