[ previous ] [ next ] [ threads ]
 From:  "Chris Buechler" <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Radius through VPN
 Date:  Thu, 25 Sep 2008 09:39:49 -0400
On Thu, Sep 25, 2008 at 7:42 AM, Christian Decker
<decker dot christian at gmail dot com> wrote:
> Hi all,
> I'm trying to setup a system that is distributed across multiple
> locations. I figured that I could link the locations together with VPN
> and have a freeradius server at our main location and then
> authenticate the users through that VPN link.
> My main location has the network and the first side
> location has VPN is set up correctly in that I can
> ping all machines from one side to the other. The radius server is
> working correctly and as long as I have it on the LAN side of my main
> location my main location is able to authenticate users against it,
> but when I try to activate the captive portal on my side location it
> always gives me a bad authentication attempt:
> Sep 25 13:34:40         ERROR: cxd, 00:0f:1f:cd:53:49,, Error
> sending request: No valid RADIUS responses received
> The really strange thing is that if I test it with the captive portal
> off and with radtest all looks fine
> $ radtest cxd password 1812 secret
> Sending Access-Request of id 158 to port 1812
>        User-Name = "cxd"
>        User-Password = "password"
>        NAS-IP-Address =
>        NAS-Port = 1812
> rad_recv: Access-Accept packet from host, id=158, length=20
> Any idea what's going wrong?

You need a static route, same as: