Koozali.org: home of the SME Server

Radius

Offline meelis

Radius
« on: January 30, 2008, 01:37:14 PM »
radius.log shows me that error, what may be wrong? I use a Linksys 54GL; I chose the wireless security mode "enterprise radius" and described my SME server there as the radius server.
Wed Jan 30 13:42:30 2008 : Info: Using deprecated naslist file.  Support for this will go away soon.
Wed Jan 30 13:42:30 2008 : Info: rlm_passwd: nfields: 7 keyfield 0(Stripped-User-Name) listable: no
Wed Jan 30 13:42:30 2008 : Info: Ready to process requests.
Wed Jan 30 13:43:39 2008 : Error: Ignoring request from unknown client 192.168.2.113:2048

Offline Franco

Re: Radius
« Reply #1 on: January 30, 2008, 03:03:45 PM »
It means your radius isn't ready to process requests from the client. Did you configure it?

Offline meelis

Re: Radius
« Reply #2 on: January 30, 2008, 04:40:18 PM »
How must I configure it? I tried to describe the client in client.conf (client IP and password) but nothing.
Can radius authenticate the client another way? I know that's possible with MySQL but I don't know how it is done.

Offline Franco

Re: Radius
« Reply #3 on: January 30, 2008, 04:51:10 PM »

Offline meelis

Re: Radius
« Reply #4 on: January 30, 2008, 05:09:45 PM »
I tried this test
radtest admin localhost 1812 xxxxx(passwor)
Usage: radtest user passwd radius-server[:port] nas-port-number secret [ppphint] [nasname]
[root@myyr raddb]# radtest admin xxxxxx localhost 1812 xxxxx
Sending Access-Request of id 156 to 127.0.0.1:1812
        User-Name = "admin"
        User-Password = "xxxxxx"
        NAS-IP-Address = SME
        NAS-Port = 1812
Re-sending Access-Request of id 156 to 127.0.0.1:1812
        User-Name = "admin"
        User-Password = "T\313\231\317bK42\353\377\375)yC\261e"
        NAS-IP-Address = SME
        NAS-Port = 1812
rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=156, length=20
rad_decode: Received Access-Reject packet from 127.0.0.1:1812 with invalid signature (err=2)!  (Shared secret is incorrect.)
radclient: radclient.c:440: send_one_packet: Assertion `radclient->reply == ((void *)0)' failed.
/usr/bin/radtest: line 53:  2971 Done                    ( echo "User-Name = \"$1\""; echo "User-Password = \"$2\""; echo "NAS-IP-Address = $nas"; echo "NAS-Port = $4"; if [ "$6" ]; then
    echo "Framed-Protocol = PPP";
fi )
      2972 Aborted                 | $radclient $DICTIONARY -x $3 auth $5

Offline meelis

Re: Radius
« Reply #5 on: January 30, 2008, 05:22:34 PM »
In order to use it please define the client host in hostnames and addresses

How/where must I do this?

Offline meelis

Re: Radius
« Reply #6 on: January 30, 2008, 05:47:35 PM »
[root@myyr raddb]# radtest admin 1XWNG4Dv+GDu2BMGhrcViNfZEdFL+Pp localhost 1812 1XWNG4Dv+GDu2BMGhrcViNfZEdFL+Pp
Sending Access-Request of id 154 to 127.0.0.1:1812
        User-Name = "admin"
        User-Password = "1XWNG4Dv+GDu2BMGhrcViNfZEdFL+Pp"
        NAS-IP-Address = myyr
        NAS-Port = 1812
Re-sending Access-Request of id 154 to 127.0.0.1:1812
        User-Name = "admin"
        User-Password = "0#\362\331\302;\366b\207\220\336\016\025t2\232`\010\366\001\271\302b\031\253\020\203U\232@\206\341"
        NAS-IP-Address = myyr
        NAS-Port = 1812
rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=154, length=20

I think it works, but how can I add a new client to client.conf? If I add this manually, this file is regenerated and all is lost.

Offline TrevorB

Re: Radius
« Reply #7 on: January 31, 2008, 03:32:08 AM »
In order to use it please define the client host in hostnames and addresses

How/where must I do this?
In the Hostnames and addresses panel of server-manager....   :)
http://wiki.contribs.org/SME_Server:Documentation:Administration_Manual:Chapter13#Hostnames_and_addresses

Trevor B

Offline meelis

Re: Radius
« Reply #8 on: January 31, 2008, 07:08:40 AM »
That's OK, but I need some different way, like this.
If someone connects to the wireless, they are asked for a password and user name, and for this it uses files where I put usernames and passwords; now I need to put hostnames and addresses.
What do I do if I need to enable some visitors to connect?
MySQL tables? But how?

Offline Franco

Re: Radius
« Reply #9 on: January 31, 2008, 08:42:59 PM »
It's called Hotspot.
You can actually get away with Dungog's Proxyusers package. No need for Radius, which I use for MAC address authorization.