Radius测试只在本地机器上成功,但不能通过远程机器

Question

我通过apt-get在Ubuntu 10中安装了freeradius.

使服务器运行后.本地测试有效:

yozloy@SNDA-192-168-21-78:/usr/bin$ echo "User-Name=testuser,Password=123456" | radclient 127.0.0.1:1812 auth testing123 -x
Sending Access-Request of id 245 to 127.0.0.1 port 1812
    User-Name = "testuser"
    Password = "0054444944"
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=245, length=20

但是在远程计算机中,似乎radius服务器机器没有响应:

root@SNDA-192-168-14-131:/home/yozloy# echo "User-Name=testuser,Password=123456" | radclient 58.215.164.98:1812 auth testing123 -x
Sending Access-Request of id 36 to 58.215.164.98 port 1812
    User-Name = "testuser"
    Password = "0054444944"
Sending Access-Request of id 36 to 58.215.164.98 port 1812
    User-Name = "testuser"
    Password = "0054444944"
Sending Access-Request of id 36 to 58.215.164.98 port 1812
    User-Name = "testuser"
    Password = "0054444944"
radclient: no response from server for ID 36 socket 3

这是我的配置文件:

clients.conf

client 58.215.164.98 {
        ipaddr = 58.215.164.98
        secret = testing123

        require_message_authenticator = no
}

用户

testuser CLeartext-Password := "0054444944"

更新配置文件(我实际上没有改变任何东西)radiusd.conf

proxy_requests  = yes
$INCLUDE proxy.conf
$INCLUDE clients.conf
thread pool {
        start_servers = 5
        max_servers = 32
        min_spare_servers = 3
        max_spare_servers = 10
        max_requests_per_server = 0
}
modules {
        $INCLUDE ${confdir}/modules/
        $INCLUDE eap.conf
}
instantiate {
        exec
        expr
        expiration
        logintime
}
$INCLUDE policy.conf
$INCLUDE sites-enabled/

yozloy@SNDA-192-168-18-234:/etc/freeradius$ netstat -an
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN     
tcp        0      0 192.168.18.234:22       123.5.13.20:3274        ESTABLISHED
tcp6       0      0 :::22                   :::*                    LISTEN     
udp        0      0 0.0.0.0:1812            0.0.0.0:*                          
udp        0      0 0.0.0.0:1813            0.0.0.0:*                          
udp        0      0 0.0.0.0:1814            0.0.0.0:*                          
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags       Type       State         I-Node   Path
unix  4      [ ]         DGRAM                    2838     /dev/log
unix  2      [ ACC ]     STREAM     LISTENING     2166     @/com/ubuntu/upstart
unix  2      [ ]         DGRAM                    2272     @/org/kernel/udev/udevd
unix  3      [ ]         STREAM     CONNECTED     3351     
unix  3      [ ]         STREAM     CONNECTED     3350     
unix  2      [ ]         DGRAM                    3173     
unix  2      [ ]         DGRAM                    2893     
unix  3      [ ]         DGRAM                    2304     
unix  3      [ ]         DGRAM                    2303     
unix  3      [ ]         STREAM     CONNECTED     2256     @/com/ubuntu/upstart
unix  3      [ ]         STREAM     CONNECTED     2255  

Answer 1

如果我错了，请纠正我，但是，SNDA-192-168-14-131 针对您的 RADIUS 服务器 (SNDA-192-168-21-78) 的 IP 地址不是 58.215.164.98，是吗？如果不是，那就是你的答案。您的 RADIUS 服务器仅适用于在 client.conf 中配置并具有正确密钥的 NAS。

尝试将 192.168.14.131（如果是该主机的 IP 地址）添加到 client.conf 中，然后再尝试。