Question

我在centos7到./configure&&make&&make install中安装了freeradius。使服务器运行后。本地测试有效：

[root@iZ2zebgsn1haj8gu0447fiZ raddb]# radtest steve testing localhost 0 testing123
Sending Access-Request of id 151 to 127.0.0.1 port 1812
User-Name = "steve"
User-Password = "testing"
NAS-IP-Address = 172.17.120.248
NAS-Port = 0
Message-Authenticator = 0x00000000000000000000000000000000
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=151, length=71
Service-Type = Framed-User
Framed-Protocol = PPP
Framed-IP-Address = 172.16.3.33
Framed-IP-Netmask = 255.255.255.0
Framed-Routing = Broadcast-Listen
Filter-Id = "std.ppp"
Framed-MTU = 1500
Framed-Compression = Van-Jacobson-TCP-IP

但是在远程计算机中，似乎半径服务器机器没有响应：

[root@iZ2zebgsn1haj8gu0447fiZ raddb]# radtest steve testing 211.71.149.221 0 testing123
Sending Access-Request of id 149 to 211.71.149.221 port 1812
User-Name = "steve"
User-Password = "testing"
NAS-IP-Address = 172.17.120.248
NAS-Port = 0
Message-Authenticator = 0x00000000000000000000000000000000
Sending Access-Request of id 149 to 211.71.149.221 port 1812
User-Name = "steve"
User-Password = "testing"
NAS-IP-Address = 172.17.120.248
NAS-Port = 0
Message-Authenticator = 0x00000000000000000000000000000000
Sending Access-Request of id 149 to 211.71.149.221 port 1812
User-Name = "steve"
User-Password = "testing"
NAS-IP-Address = 172.17.120.248
NAS-Port = 0
Message-Authenticator = 0x00000000000000000000000000000000
radclient: no response from server for ID 149 socket 3

这是我的配置文件：

clients.conf：

client 211.71.149.221{
    ipaddr=211.71.149.221
    secret  = testing123
    short   = test-client
    nastype = other

}

用户

steve   Cleartext-Password := "testing"
    Service-Type = Framed-User,
    Framed-Protocol = PPP,
    Framed-IP-Address = 172.16.3.33,
    Framed-IP-Netmask = 255.255.255.0,
    Framed-Routing = Broadcast-Listen,
    Framed-Filter-Id = "std.ppp",
    Framed-MTU = 1500,
    Framed-Compression = Van-Jacobsen-TCP-I

我没有使用数据库，所以我没有对radiusd.conf进行更改。

[root@iZ2zebgsn1haj8gu0447fiZ raddb]# netstat -upln
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
udp        0      0 0.0.0.0:68              0.0.0.0:*                           727/dhclient        
udp        0      0 172.17.120.248:123      0.0.0.0:*                           828/ntpd            
udp        0      0 127.0.0.1:123           0.0.0.0:*                           828/ntpd            
udp        0      0 0.0.0.0:123             0.0.0.0:*                           828/ntpd            
udp        0      0 0.0.0.0:58664           0.0.0.0:*                           26159/radiusd       
udp        0      0 0.0.0.0:5489            0.0.0.0:*                           727/dhclient        
udp        0      0 127.0.0.1:18120         0.0.0.0:*                           26159/radiusd       
udp        0      0 0.0.0.0:1812            0.0.0.0:*                           26159/radiusd       
udp        0      0 0.0.0.0:1813            0.0.0.0:*                           26159/radiusd       
udp        0      0 0.0.0.0:1814            0.0.0.0:*                           26159/radiusd       
udp6       0      0 :::123                  :::*                                828/ntpd            
udp6       0      0 :::54457                :::*                                727/dhclient

Answer 1

您的失败radtest正在将请求发送到IP 211.71.149.221的远程服务器。您的clients.conf使用客户端IP地址211.71.149.221定义客户端。我猜这不是你的请求来自的IP。

Radius仅在本地计算机上测试成功，但远程计算机

1 个答案: