Nov 27 05:04:43 ip-172-31-16-105 systemd[1]: freeradius.service: Control process exited, code=exited status=1
Nov 27 05:04:43 ip-172-31-16-105 systemd[1]: freeradius.service: Failed with result 'exit-code'.
Nov 27 05:04:43 ip-172-31-16-105 systemd[1]: Failed to start FreeRADIUS multi-protocol policy server.
Can anyone give me a hint if there's something wrong in my installation? Here is my dynamic client file and freeradius.service file:
#Define a client that has a 'catch all'
client dymamic {
ipaddr = 0.0.0.0/0
#netmask = 0
#We spacify the virtual server that will be used for client verification
dynamic_clients = dynamic_clients
lifetime = 3600
}
#
# This is the virtual server referenced above by "dynamic_clients".
server dynamic_clients {
#
# The only contents of the virtual server is the "authorize" section.
authorize {
#
# Example 1: Hard-code a client IP. This example is
# useless, but it documents the attributes
# you need.
#
if ("%{sql: SELECT nasname FROM nas WHERE nasname = '%{Packet-Src-IP-Address}'}") {
update control {
FreeRADIUS-Client-IP-Address = "%{Packet-Src-IP-Address}"
FreeRADIUS-Client-Shortname = "%{sql: SELECT shortname FROM nas WHERE nasname = '%{Packet-Src-IP-Address}'}"
FreeRADIUS-Client-Secret = "%{sql: SELECT secret FROM nas WHERE nasname = '%{Packet-Src-IP-Address}'}"
FreeRADIUS-Client-NAS-Type = "%{sql: SELECT type FROM nas WHERE nasname = '%{Packet-Src-IP-Address}'}"
FreeRADIUS-Client-Require-MA = no
}
}
else{
update control {
#
# Echo the IP address of the client.
FreeRADIUS-Client-IP-Address = "%{Packet-Src-IP-Address}"
# require_message_authenticator
FreeRADIUS-Client-Require-MA = no
# secret
FreeRADIUS-Client-Secret = "secret123"
# shortname
FreeRADIUS-Client-Shortname = "%{Packet-Src-IP-Address}"
# nas_type
FreeRADIUS-Client-NAS-Type = "other"
FreeRADIUS-Client-Virtual-Server = "radiusdesk-plain"
}
}
#update control {
#
# Echo the IP address of the client.
# FreeRADIUS-Client-IP-Address = "%{Packet-Src-IP-Address}"
# require_message_authenticator
# FreeRADIUS-Client-Require-MA = no
# secret
# FreeRADIUS-Client-Secret = "secret123"
# shortname
# FreeRADIUS-Client-Shortname = "%{Packet-Src-IP-Address}"
# nas_type
# FreeRADIUS-Client-NAS-Type = "other"
# FreeRADIUS-Client-Virtual-Server = "radiusdesk-plain"
#}
#
# Tell the caller that the client was defined properly.
#
# If the authorize section does NOT return "ok", then
# the new client is ignored.
ok
}
}
OK, after running the debug process sudo freeradius -X I found out that the service see /etc/freeradius/3.0/ for configuration, but the guide from wiki use /etc/freeradius.
So I copy all the things in /etc/freeradius/ to /etc/freeradius/3.0, and now it's active. That means I have to config things from the /etc/freeradius/3.0 folder. Is this a viable solution or will it have any negative effect on my installation?
But there's still some problem. In the webUI, it says that the key for dynamic client is testing123, but I've changed all "testing123" in the config to "secret123". Why is that?
Also, for the installation in MESHdesk and APdesk, in the following line:
$config['ApProfiles']['captive_portal']['uam_url'] = 'http://198.27.111.78/cake2/rd_cake/dynamic_details/chilli_browser_detect/';
My config file use cake3 instead of cake2. Should I let it use cake3 or change it to cake2?
Last edit: Naraska 2018-11-30
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
So, if I want to use the freeradius -X debug, I have to STOP the freeradius.service first. I can see my device sending accounting request, though there's an eror:
} # policy RADIUSdesk_rewrite_calling_station_id = noop
(0) if (&request:User-Name =~ /^([0-9a-f]{2})[-:]+([0-9a-f]{2})[-:]+([0-9a-f]{2})[-:]+([0-9a-f]{2})[-:]+([0-9a-f]{2})[-:]+([0-9a-f]{2})$/i){
(0) ERROR: Failed retrieving values required to evaluate condition
What I don't understand is, if I start the freeradius.service, then run freeradius -X, I get the following:
Failed creating control socket "/var/run/freeradius/freeradius.sock": Control socket '/var/run/freeradius/freeradius.sock' is already in use
It's like there are 2 freeradius service that's getting in the way with each other. I've followed the instruction in the wiki to the t. Is there a hidden configuration that I'm missing?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hello, I am trying to setup Radiusdesk on my hosted server, and using this guide http://www.radiusdesk.com/docuwiki/getting_started/install_ubuntu_freeradius_3 .
I can open up the webGUI, but when I restart the service I got an error:
Can anyone give me a hint if there's something wrong in my installation? Here is my dynamic client file and freeradius.service file:
#Define a client that has a 'catch all' client dymamic { ipaddr = 0.0.0.0/0 #netmask = 0 #We spacify the virtual server that will be used for client verification dynamic_clients = dynamic_clients lifetime = 3600 } # # This is the virtual server referenced above by "dynamic_clients". server dynamic_clients { # # The only contents of the virtual server is the "authorize" section. authorize { # # Example 1: Hard-code a client IP. This example is # useless, but it documents the attributes # you need. # if ("%{sql: SELECT nasname FROM nas WHERE nasname = '%{Packet-Src-IP-Address}'}") { update control { FreeRADIUS-Client-IP-Address = "%{Packet-Src-IP-Address}" FreeRADIUS-Client-Shortname = "%{sql: SELECT shortname FROM nas WHERE nasname = '%{Packet-Src-IP-Address}'}" FreeRADIUS-Client-Secret = "%{sql: SELECT secret FROM nas WHERE nasname = '%{Packet-Src-IP-Address}'}" FreeRADIUS-Client-NAS-Type = "%{sql: SELECT type FROM nas WHERE nasname = '%{Packet-Src-IP-Address}'}" FreeRADIUS-Client-Require-MA = no } } else{ update control { # # Echo the IP address of the client. FreeRADIUS-Client-IP-Address = "%{Packet-Src-IP-Address}" # require_message_authenticator FreeRADIUS-Client-Require-MA = no # secret FreeRADIUS-Client-Secret = "secret123" # shortname FreeRADIUS-Client-Shortname = "%{Packet-Src-IP-Address}" # nas_type FreeRADIUS-Client-NAS-Type = "other" FreeRADIUS-Client-Virtual-Server = "radiusdesk-plain" } } #update control { # # Echo the IP address of the client. # FreeRADIUS-Client-IP-Address = "%{Packet-Src-IP-Address}" # require_message_authenticator # FreeRADIUS-Client-Require-MA = no # secret # FreeRADIUS-Client-Secret = "secret123" # shortname # FreeRADIUS-Client-Shortname = "%{Packet-Src-IP-Address}" # nas_type # FreeRADIUS-Client-NAS-Type = "other" # FreeRADIUS-Client-Virtual-Server = "radiusdesk-plain" #} # # Tell the caller that the client was defined properly. # # If the authorize section does NOT return "ok", then # the new client is ignored. ok } }And this is the service file:
Thank you in advance.
OK, after running the debug process sudo freeradius -X I found out that the service see /etc/freeradius/3.0/ for configuration, but the guide from wiki use /etc/freeradius.
So I copy all the things in /etc/freeradius/ to /etc/freeradius/3.0, and now it's active. That means I have to config things from the /etc/freeradius/3.0 folder. Is this a viable solution or will it have any negative effect on my installation?
But there's still some problem. In the webUI, it says that the key for dynamic client is testing123, but I've changed all "testing123" in the config to "secret123". Why is that?
Also, for the installation in MESHdesk and APdesk, in the following line:
$config['ApProfiles']['captive_portal']['uam_url'] = 'http://198.27.111.78/cake2/rd_cake/dynamic_details/chilli_browser_detect/';
My config file use cake3 instead of cake2. Should I let it use cake3 or change it to cake2?
Last edit: Naraska 2018-11-30
So, if I want to use the freeradius -X debug, I have to STOP the freeradius.service first. I can see my device sending accounting request, though there's an eror:
} # policy RADIUSdesk_rewrite_calling_station_id = noop
(0) if (&request:User-Name =~ /^([0-9a-f]{2})[-:]+([0-9a-f]{2})[-:]+([0-9a-f]{2})[-:]+([0-9a-f]{2})[-:]+([0-9a-f]{2})[-:]+([0-9a-f]{2})$/i){
(0) ERROR: Failed retrieving values required to evaluate condition
What I don't understand is, if I start the freeradius.service, then run freeradius -X, I get the following:
Failed creating control socket "/var/run/freeradius/freeradius.sock": Control socket '/var/run/freeradius/freeradius.sock' is already in use
It's like there are 2 freeradius service that's getting in the way with each other. I've followed the instruction in the wiki to the t. Is there a hidden configuration that I'm missing?