Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Radius Problem

    Scheduled Pinned Locked Moved Routing and Multi WAN
    8 Posts 2 Posters 2.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      belalus
      last edited by

      Hello ,
      I have a problem with the Radius when I changed the listing interfaces to the loopback interface the radius not work .
      please can you help me
      Thanks

      1 Reply Last reply Reply Quote 0
      • N
        Nachtfalke
        last edited by

        This package isn't actively maintained and developed.
        Do you have network components on different subents which need to authenticate against RADIUS ?
        I am using switches with a separate MANAGEMENT VLAN and all network components which authenticate against freeRADIUS are on the same MANAGEMENT VLAN - the same VLAN as RADIUS is listening to.

        –-edit---

        check "bind_address" in
        /usr/local/etc/raddb/radius.conf

        If you select a specific interface then there should be the IP of the interface you selected.
        If you select loopback then there should be a " * "

        Take a look here:
        http://freeradius.org/radiusd/raddb/radiusd.conf.in

        #  bind_address:  Make the server listen on a particular IP address, and
        #  send replies out from that address.  This directive is most useful
        #  for machines with multiple IP addresses on one interface.
        #
        #  It can either contain "*", or an IP address, or a fully qualified
        #  Internet domain name.  The default is "*"
        #
        #  As of 1.0, you can also use the "listen" directive.  See below for
        #  more information.
        #
        bind_address = *
        

        perhaps you could edit the radius.conf manually, restart the radiusd service and check if it works.

        1 Reply Last reply Reply Quote 0
        • B
          belalus
          last edited by

          Thank you for your reply

          I have added the following to the radius.conf but still the listening port on one interface ( the interface added by the GUI )

          bind_address = 10.11.11.1
          bind_address = 10.221.0.13
          bind_address = 127.0.0.1

          Thanks

          1 Reply Last reply Reply Quote 0
          • N
            Nachtfalke
            last edited by

            I am not sure if you can add more than one address.

            please try with:

            bind_address = *
            

            kill radiusd and restart with

            radiusd -X
            

            Then check again if you can authenticate.

            1 Reply Last reply Reply Quote 0
            • B
              belalus
              last edited by

              Hi Nachtfalke,

              the same problem , the interface configured by the GUI is the listening port

              netstat -na | grep 1812

              udp4      0      0 127.0.0.1.1812        .

              1 Reply Last reply Reply Quote 0
              • N
                Nachtfalke
                last edited by

                You need to take care:

                If you change the radius.conf and the do any changes in the freeRADIUS GUI, that it will overwrite the radius.conf again.

                So change the radius.conf to

                bind_address = *
                

                save the file.

                then do:

                kill -9 radiusd
                

                and then

                radiusd -X
                

                after this radiusd is starting in debugging mode, you can see if radiusd is able to "processing requests".
                If a client is connecting then you will see the output there.

                I am NOT sure if this will work. I am no expert but it is the only idea I can give you.

                1 Reply Last reply Reply Quote 0
                • B
                  belalus
                  last edited by

                  Hi Nachtfalke,
                  it's work now and all the interfaces are listening to the radius port

                  Thank you very much for your support you are expert man

                  1 Reply Last reply Reply Quote 0
                  • N
                    Nachtfalke
                    last edited by

                    Thank you for your feedback.

                    Perhaps I can change the GUI so that we can chose a specific or all interfaces.
                    But I am no expert in changing the GUI, too. hehe ;)

                    –--edit----

                    Ok, I did some changes on these files:
                    freeradius.inc
                    freeradiussettings.xml

                    So we have the possibility to enter one IP address of the listening interface or we can chose a " * " if we like that freeRADIUS is listening to any interface. I tried this on my machine for a short time and it is working.

                    Version 1.0.5 should have the changes.

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.