Problem in connecting to freeradius on Amazon EC2.

Help
2014-01-29
2014-09-22
  • Karthik Kumar Balasubramani

    Hello,

    I tried installing Radiusdesk from source on an EC2 instance.
    My requirements are to install
    Nginx, FreeRadius and Node.js.

    I followed the article http://www.radiusdesk.com/getting_started/install

    After completing the installation, the clients cannot reach the radius server. Debug says "ready to process request" and listening on ports. The netstat output shows ports 1812, 1813 open.
    Radtest failed with "radclient: no response from server for id 122 socket 3"

    Full debug output: http://pastebin.com/3N7Y6PXh
    Radtest result: http://postimg.org/image/ss2n7gzll
    Netstat output: http://postimg.org/image/9yguah1dl

    The EC2 firewall is set to allow incoming 1812, 1813 and 1814. But still cannot see the ports open on the public IP.

    Please help.

     
  • Dirk van der Walt

    Hi,

    That does not make sense, especially trying to connect from the local machine to itself with radclient.

    You did all the tests I would also have done. What if you restart the machine as a last resort?

    Regards

     
    • Karthik Kumar Balasubramani

      Hi Dirk,

      I tried restarting and it didn't make any difference. Do you think it's something to do with Amazon EC2?

      Regards,
      Karthik.

       
  • Dirk van der Walt

    Hi Karthik,

    If you want I can log into the server to do a quick check if there is something you may have overlooked. Sometimes two heads are better than one :-)

    You can mail me: dirkvanderwalt at gmail

    Regards

     
  • Karthik Kumar Balasubramani

    Hi Dirk,

    Thanks a lot for your help. I will email you the login details shortly.

    Cheers.

     
  • Karthik Kumar Balasubramani

    Hi Dirk,

    Thanks for sorting the problem for me. My RadiusDesk on EC2 receives packets now.

    Cheers,
    Karthik.

     
    • krunal vaghasiya

      @Karthik

      Can you share what settings work for your freeradius at EC2 AWS? Currently I am also facing the same issue.

       
  • alexandre - 2014-08-26

    Hi,

    I'm one who is using Amazon EC2 too. Could you please suggest how to fix that problem?

    Thanks

     
    • Mfawa Alfred Onen

      Make sure you open FreeRADIUS ports in your security groups for EC2.

       
      • alexandre - 2014-08-26

        This is a list of ports I have opened: 22, 80, 8000 for tcp and 1812, 1813 for udp.

        Is there another port number that needs to be open?

        Thanks

         
  • Jon Webb - 2014-09-18

    Was this just a port opening problem?

     
    • alexandre - 2014-09-22

      Hi Jon Webb,

      For Amazon EC2 you have to open ICMP in Security Groups.

      Cheers.

       
  • Dirk van der Walt

    Hi guys,

    It seems to be a common struggle on the Amazon EC2 to get the traffic going. Someone I helped a few weeks back also had to open ICMP (although this I thought was more related to the MESHdesk since the MESHdesk firmware sends a ping to the back-end).

    Unfortunately I don't have access to the EC2 control panel, so if one of you got it working, perhaps you can forward me a short 'howto' which we can add to the Wiki to ease things in the future.

    Cheers

     
  • fridaystreet - 2014-09-22

    Hi Guys,

    I can confirm you don't need ICMP to run pure radiusdesk on EC2. We've been running it for over a year on EC2 with an RDS DB and only have the following inbound rules. Server talks to the db server over the VPC.

    1812 UDP
    1813 UDP
    8888 TCP
    22 TCP
    80 TCP
    443 TCP

    The only reason I could think you would need ICMP is for ping based monitoring, but that shouldn't be affecting freeradius. Sorry if it sounds silly, but you are modifying the right group? EC2 wizard tends to create a lot of generically named groups (eg launch wizard-1 launchwizard-2 etc), just double check the group the instance is using and make sure that's the group you're editing.

    Cheers
    Paul
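
The check suggested in the last post (confirm that the security group actually attached to the instance is the one carrying the RADIUS rules, and that those rules are UDP), as an added example that is not part of the original thread. The JSON is constructed sample data in the shape of `aws ec2 describe-security-groups` output; the group IDs, group names and CIDR ranges are made up for illustration.

```python
import json

# Constructed sample: two wizard-created groups. The UDP RADIUS rule was added
# to one group, while the other (hypothetically the attached one) has TCP only.
SAMPLE_GROUPS = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-0aaa", "GroupName": "launch-wizard-1", "IpPermissions": [
    {"IpProtocol": "udp", "FromPort": 1812, "ToPort": 1813,
     "IpRanges": [{"CidrIp": "203.0.113.0/24"}]}]},
  {"GroupId": "sg-0bbb", "GroupName": "launch-wizard-2", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "198.51.100.7/32"}]},
    {"IpProtocol": "tcp", "FromPort": 1812, "ToPort": 1813,
     "IpRanges": [{"CidrIp": "203.0.113.0/24"}]}]}
]}
""")

REQUIRED = [("udp", 1812), ("udp", 1813)]  # RADIUS auth and accounting ports from the thread
SOURCE_KEYS = ("IpRanges", "Ipv6Ranges", "UserIdGroupPairs", "PrefixListIds")

def rule_allows(rule, proto, port):
    """True if one IpPermissions entry admits proto/port from at least one source."""
    if not any(rule.get(k) for k in SOURCE_KEYS):
        return False                      # a rule with no source admits nothing
    if rule["IpProtocol"] == "-1":        # "-1" means all protocols and all ports
        return True
    return (rule["IpProtocol"] == proto
            and rule.get("FromPort", 1) <= port <= rule.get("ToPort", 0))

def missing_radius_rules(groups_doc, attached_ids):
    """Required (proto, port) pairs that no group attached to the instance admits."""
    attached = [g for g in groups_doc["SecurityGroups"] if g["GroupId"] in attached_ids]
    return [(p, n) for p, n in REQUIRED
            if not any(rule_allows(r, p, n) for g in attached for r in g["IpPermissions"])]

def groups_with_rule(groups_doc, proto, port):
    """Names of all groups admitting proto/port, attached or not (spots a wrong-group edit)."""
    return [g["GroupName"] for g in groups_doc["SecurityGroups"]
            if any(rule_allows(r, proto, port) for r in g["IpPermissions"])]

if __name__ == "__main__":
    attached = {"sg-0bbb"}  # assumption: taken from the instance's SecurityGroups list
    for proto, port in missing_radius_rules(SAMPLE_GROUPS, attached):
        elsewhere = groups_with_rule(SAMPLE_GROUPS, proto, port)
        print(f"{proto}/{port} not open on attached group(s); present on: {elsewhere or 'none'}")
```

The TCP rule on 1812-1813 in the second group does not satisfy the check, since the rules listed in the thread for those ports are UDP.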

     
