Radius Problem
-
Hello ,
I have a problem with the Radius when I changed the listing interfaces to the loopback interface the radius not work .
please can you help me
Thanks
-
This package isn't actively maintained and developed.
Do you have network components on different subents which need to authenticate against RADIUS ?
I am using switches with a separate MANAGEMENT VLAN and all network components which authenticate against freeRADIUS are on the same MANAGEMENT VLAN - the same VLAN as RADIUS is listening to.–-edit---
check "bind_address" in
/usr/local/etc/raddb/radius.confIf you select a specific interface then there should be the IP of the interface you selected.
If you select loopback then there should be a " * "Take a look here:
http://freeradius.org/radiusd/raddb/radiusd.conf.in# bind_address: Make the server listen on a particular IP address, and # send replies out from that address. This directive is most useful # for machines with multiple IP addresses on one interface. # # It can either contain "*", or an IP address, or a fully qualified # Internet domain name. The default is "*" # # As of 1.0, you can also use the "listen" directive. See below for # more information. # bind_address = *perhaps you could edit the radius.conf manually, restart the radiusd service and check if it works.
-
Thank you for your reply
I have added the following to the radius.conf but still the listening port on one interface ( the interface added by the GUI )
bind_address = 10.11.11.1
bind_address = 10.221.0.13
bind_address = 127.0.0.1Thanks
-
I am not sure if you can add more than one address.
please try with:
bind_address = *kill radiusd and restart with
radiusd -XThen check again if you can authenticate.
-
Hi Nachtfalke,
the same problem , the interface configured by the GUI is the listening port
netstat -na | grep 1812
udp4 0 0 127.0.0.1.1812 .
-
You need to take care:
If you change the radius.conf and the do any changes in the freeRADIUS GUI, that it will overwrite the radius.conf again.
So change the radius.conf to
bind_address = *save the file.
then do:
kill -9 radiusdand then
radiusd -Xafter this radiusd is starting in debugging mode, you can see if radiusd is able to "processing requests".
If a client is connecting then you will see the output there.I am NOT sure if this will work. I am no expert but it is the only idea I can give you.
-
Hi Nachtfalke,
it's work now and all the interfaces are listening to the radius portThank you very much for your support you are expert man
-
Thank you for your feedback.
Perhaps I can change the GUI so that we can chose a specific or all interfaces.
But I am no expert in changing the GUI, too. hehe ;)–--edit----
Ok, I did some changes on these files:
freeradius.inc
freeradiussettings.xmlSo we have the possibility to enter one IP address of the listening interface or we can chose a " * " if we like that freeRADIUS is listening to any interface. I tried this on my machine for a short time and it is working.
Version 1.0.5 should have the changes.