[ previous ] [ next ] [ threads ]
 
 From:  "Ken Davis" <kdavis at ucla dot edu>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Problem getting RADIUS Authentication working M0N0Wall 1.11
 Date:  Sat, 30 Apr 2005 19:44:22 -0700
Monowall interfaces - (3) 3Com 10/100 cards.  

1 - WAN (Connected to Verizon DSL)
2 - LAN (10.1.1.0 /24)  LAN interface set to 10.1.1.1
3 - PORTAL (192.168.11.0/24) PORTAL interface set to 192.168.11.1

Everything works well without RADIUS - can get through M0N0wall from both PORTAL and LAN to WAN for
allowed ports.

I installed Multi-Tech RADIUS server v 2.01 on a Windows XP Professional SP2 host on the LAN
(10.1.1.199)  Configured a userid and password and a shared secret.  Service is up, running, and
Netstat -a shows RADIUS and RADAUTH available.  the Windows Firewall is configured to allow 1812,
1813, 1645, 1646 UDP.  Doesn't work with Windows Firewall disabled either, so I think whatever is
not happening is not happening before the Windows box is ever reached.

M0N0wall is configured to use 10.1.1.199 as the Radius server with the appropriate shared secret. 

Firewall rule in place to allow ports 1645,1646,1812,1813 from PORTAL network to host 10.1.1.199 on
the LanSubnet.

The following HTML is sent to the PORTAL host for authentication...  

<html><head><title>My Captive Portal</title>
 </head>
 <h1>My Captive Portal</h1>
 <form method="post" action="">
 Username: <input type="text" name="auth_user" size="20"><br>
 Password: <input type="password" name="auth_pass" size="20"><br>
  <input name="accept" type="submit" value="Continue">
 </form>
 </html>

This page is received on the PORTAL host with no problems.
I enter the configured login id and password, and....  authentication failed...

I never see a connection attempt to the RADIUS server at 10.1.1.199, and there's nothing in the
firewall logs stating that anything was blocked.  Authentication fails...  Seems all is set up
correctly - any one have any suggestions as to how I can get this working? 

Thanks, 

--KEN