'Re: help:[freeradius+mysql]destination unreachable(host'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freeradius-users
Subject:    Re: help:[freeradius+mysql]destination unreachable(host
From:       Sam Hooker <sth () noiseplant ! com>
Date:       2011-07-27 14:11:58
Message-ID: 1849926569.28.1311775918802.JavaMail.root () malcolm
[Download RAW message or body]


Sorry, I meant 'iptables -nvL | grep 1812' should yield something like THIS:

    0     0 ACCEPT     udp  --  *      *       192.168.21.223         0.0.0.0/0       \
udp dpt:1812


-sth

> You're looking for 'iptables -nvL | grep 3306' to produce something
> like this:
> 
> 0 0 ACCEPT tcp -- * * 192.168.21.223 0.0.0.0/0 tcp dpt:3306
> 
> 
> -sth
> 
> sam hooker|sth@noiseplant.com|http://www.noiseplant.com
> 
> "I have not failed, I've just found 10,000 ways that won't work."
> Thomas Edison
> 
> ----- Original Message -----
> > ping isn't the same as a open udp port.
> > 
> > run the command:
> > /sbin/iptables-save
> > 
> > and past the output. If it's not the firewall then it's probably
> > ACLs
> > as
> > those are really the only two things that are going to return a
> > admin-prohib icmp packet.
> > 
> > Cheers,
> > Harry
> > 
> > On 07/27/2011 09:06 AM, gary wrote:
> > > Hi Harry
> > > radius server and nas ping no problem each other.
> > > checking firewall no problem.
> > > the OS is Fedora 12.
> > > 
> > > Best Regards
> > > Gary
> > > 
> > > BROWAN COMMUNICATIONS INC.
> > > Tel:886-3-600-6899 ext.4842
> > > Fax:886-3-597-2970
> > > e-mail:gary.yang@browan.com
> > > 
> > > ----- Original Message ----- From: "Harry Hoffman"
> > > <hhoffman@ip-solutions.net>
> > > To: "gary" <gary.yang@browan.com>;
> > > <freeradius-users@lists.freeradius.org>
> > > Sent: Wednesday, July 27, 2011 7:19 PM
> > > Subject: Re: help:[freeradius+mysql]destination unreachable(host
> > > administratively prohibited)
> > > 
> > > 
> > > > Did you open your firewall? Redhat-like distros send dest-prohib
> > > > by
> > > > default for ports blocked by iptables.
> > > > 
> > > > Cheers,
> > > > Harry
> > > > 
> > > > gary <gary.yang@browan.com> wrote:
> > > > 
> > > > > Hi All
> > > > > I have trouble about freeradius+mysql.
> > > > > I configured freeradius(2.1.10) +mysql(5.5.14) and selftest by
> > > > > radtest everything is okay.
> > > > > But when I try external nas client it always returns "null
> > > > > response".
> > > > > the setup as below.
> > > > > PC(client)<===>wireless AP(nas,192.168.21.223)<===>radius
> > > > > server(192.168.21.30)
> > > > > my nas table:
> > > > > mysql> select * from nas;
> > > > > +----+--------------------+---------------------+-------+----------+--------------+----------+---------------+---------------------+
> > > > >  
> > > > > > id | nasname | shortname | type | ports
> > > > > > secret | server | community | description |
> > > > > +----+--------------------+---------------------+-------+----------+--------------+----------+---------------+---------------------+
> > > > >  
> > > > > > 1 | 192.168.21.223 | 192.168.21.223 | other | NULL |
> > > > > testing123 | NULL | NULL | RADIUS Client |
> > > > > > 3 | 127.0.0.1 | localhost | other | NULL
> > > > > > testing123 | NULL | NULL | RADIUS Client |
> > > > > +----+--------------------+---------------------+-------+----------+--------------+-----------+---------------+--------------------+
> > > > >  
> > > > > radcheck table:
> > > > > mysql> select * from radcheck;
> > > > > +----+--------------------+-------------------+----+--------+
> > > > > > id | username | attribute | op | value |
> > > > > +----+--------------------+-------------------+----+--------+
> > > > > > 1 | gary | User-Password | := | gary |
> > > > > > 2 | test | User-Password | := | test |
> > > > > > 3 | 001d09cb2715 | User-Password | := | test |
> > > > > +----+--------------------+-------------------+----+--------+
> > > > > 
> > > > > 192.168.21.223 is the wireless AP(nas) and my radius server is
> > > > > 192.168.21.30.
> > > > > I am using wireshark to capture the packets and it shows
> > > > > "destination
> > > > > unreachable(host administratively prohibited)".
> > > > > see screenshot as below. Can anyone help me?
> > > > > 
> > > > > 
> > > > > Best Regards
> > > > > Gary
> > > > > 
> > > > > -
> > > > > List info/subscribe/unsubscribe? See
> > > > > http://www.freeradius.org/list/users.html
> > > 
> > > 
> > -
> > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic