Client-related problems
A user connects to a RADIUS client; the RADIUS client in turn connects to the RADIUS server. If a client does not seem to be able to connect with the server check the following first:
- Does FreeRADIUS knows about this client? Check the FreeRADIUS log file for lines like the following:
Wed May 18 17:53:57 2012 : Error: Ignoring request to authentication address * port 1812 from unknown client 192.168.1.103 port 39881 - Is the client allowed through the firewall running on the FreeRADIUS server? To check the firewall rules use the following command (requires root access):
#> /sbin/iptables -L -n
If these initial checks have passed, run FreeRADIUS in debug mode in order to do proper troubleshooting. The debug messages will show when a request is received and how it is processed. These debug messages are verbose, containing lots of detail making it easy to follow.
Unfortunately, when you run FreeRADIUS in a production environment it is not always easy to first stop the FreeRADIUS...
