Comments (23)
from flexinets.radius.radiusserver.
I didn't even know logging was an option. I'll turn that in and see what it says.
My plan was to run this behind an nginx reverse proxy, which would make it run on localhost anyways, so this may be a non issue in the long run. I'm in the process of setting that up and I'll see if that works.
The reverse proxy will be good for running in production, but it would be nice to have it running on the Windows server too so I can debug while developing.
from flexinets.radius.radiusserver.
from flexinets.radius.radiusserver.
from flexinets.radius.radiusserver.
Hi again,
I just tested this in a .Net 4.7.1 console application over a network without problems on Windows 2016. Previously I have only used this in production as a windows service. I did manually have to open the UDP port in Windows Firewall though.
For logging I suggest creating a log4net.config file like this:
<?xml version="1.0" encoding="utf-8" ?>
<log4net>
<appender name="ConsoleAppender" type="log4net.Appender.ConsoleAppender">
<layout type="log4net.Layout.PatternLayout">
<conversionPattern value="%date [%thread] %-5level %logger [%property{NDC}] - %message%newline" />
</layout>
</appender>
<root>
<level value="DEBUG" />
<appender-ref ref="ConsoleAppender" />
</root>
</log4net>
and then in main do something like
XmlConfigurator.Configure(LogManager.GetRepository(Assembly.GetEntryAssembly()), new FileInfo(Path.Combine(Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location), "log4net.config")));
Then you will get the logs from RadiusServer in the console
from flexinets.radius.radiusserver.
Just woke up. :) I'll put the logging in and see what it says. Also, I'm using dotnet core 2.1. Not sure if that would make a difference or not.
from flexinets.radius.radiusserver.
from flexinets.radius.radiusserver.
Got logging in place and started up the server (console app).
2018-07-17 13:42:07,082 [5] DEBUG Flexinets.Radius.RadiusServer [(null)] - Received packet from [my ip address]:56408, Concurrent handlers count: 1
2018-07-17 13:42:07,084 [5] ERROR Flexinets.Radius.RadiusServer [(null)] - No packet handler found for remote ip [my ip address]:56408
2018-07-17 13:42:07,111 [5] ERROR Flexinets.Radius.RadiusServer [(null)] - Failed to receive packet from [my ip address]:56408
System.InvalidOperationException: Invalid Message-Authenticator in packet 132
at Flexinets.Radius.Core.RadiusPacket.Parse(Byte[] packetBytes, IRadiusDictionary dictionary, Byte[] sharedSecret)
at Flexinets.Radius.RadiusServer.HandlePacket(IPEndPoint remoteEndpoint, Byte[] packetBytes)
2018-07-17 13:42:07,147 [5] DEBUG Flexinets.Radius.RadiusServer [(null)] - 0184004acb3a2a9d231addbf1dc8fc2a31270c8b0106757365720212b50628ec8d57514a28c0f2371592e6cc04067f000101050600000000501200000000000000000000000000000000
from flexinets.radius.radiusserver.
I tried changing the packet handler to handle IPAddress.Any
, but I still get a message that there is no handler for that ip.
from flexinets.radius.radiusserver.
I changed the packet handler to accept on 127.0.0.1
and it works. You'll need to explain this one to me.
I still get the exception message though.
System.InvalidOperationException: Invalid Message-Authenticator in packet 187
at Flexinets.Radius.Core.RadiusPacket.Parse(Byte[] packetBytes, IRadiusDictionary dictionary, Byte[] sharedSecret)
at Flexinets.Radius.RadiusServer.HandlePacket(IPEndPoint remoteEndpoint, Byte[] packetBytes)
2018-07-17 13:53:01,806 [5] DEBUG Flexinets.Radius.RadiusServer [(null)] - 01bb004a565eaf57ac5040961ca4bb9d9a81551401067573657202122cf78ce1ff59c3319b08805e891a3d0904067f000101050600000000501200000000000000000000000000000000
from flexinets.radius.radiusserver.
from flexinets.radius.radiusserver.
Not intentionally. ;)
I'm sorry, it looks like it still says no packet handler found for the ip address. Do I need to have a handler for every client that is connecting?
from flexinets.radius.radiusserver.
from flexinets.radius.radiusserver.
The IP address will be the AP hotpot's IP address then, right? I'm making a captive portal also, so I can capture the IP address to use there, then add them on startup, and whenever a new one is added. Do you have any suggestions on how to load new IPs on the fly? Worst case scenario, I could watch a file for changes. Maybe having another socket open that I can hit to tell it to reload the IPs from the database.
from flexinets.radius.radiusserver.
from flexinets.radius.radiusserver.
from flexinets.radius.radiusserver.
I'm currently working through how the protocol works.
- The AP goes to the CP (captive portal) site.
- User clicks a button a login button.
- CP makes some xhr requests to some endpoints to setup some stuff, like a chap password (I think).
- CP is redirected to a UAM address that the AP supplied.
- AP sets up some CHAP info based on the UAM requests parameters, and makes a request to the RADIUS server, passing the CHAP name, password and challenge.
- Radius server need to look at the CHAP info supplied and find out if it's valid, then return an AccessAccept response, along with some other attributes, like Session-Timeout.
- If there is an AccessAccept response, the user is forwarded to the success page.
Does that sound about right? What authentication methods have you used with RADIUS before?
from flexinets.radius.radiusserver.
from flexinets.radius.radiusserver.
I was able to get a working captive portal site up where you click a button, it redirets to the uam ip, the ap calls the radius server, then it redirects after authenticated. I also just forgot I was on the hotspot connection and when trying to access a site, I go redirected back to the login. I have a bit of a ways to go to make it fully functional, but I believe the hard part is over.
Thanks so much for the help and this awesome library.
Btw, have you done any load testing on it? How many connections at once can it handle? I'm thinking I probably should still put this behind a reverse proxy and start it as a service that will restart if it does. Basically what aspnet core does when running kestrel on linux.
from flexinets.radius.radiusserver.
from flexinets.radius.radiusserver.
Awesome. Thanks for all your help!
from flexinets.radius.radiusserver.
What are those few lines of code to get it to accept any IP address? The catch all packet handler. It might come in handy for me.
from flexinets.radius.radiusserver.
Something like this probably 41775d8
from flexinets.radius.radiusserver.
Related Issues (14)
- I would like to consult, you successfully set up radius server? HOT 17
- Vendors for the dictionary HOT 7
- Current example of running the server? HOT 2
- Add Handlers Obsolete? What is the alternative HOT 3
- EAP Support HOT 1
- Can I authenticate VPN?
- CHAP-MSCHAP
- PacketHandler sharedSecret HOT 2
- Validate request authenticator
- Set proper request authenticator in new accounting request packets
- Support radsec
- Invalid Message-Authenticator in packet 224 when using radtest HOT 4
- Add/remove IPs dynamically HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from flexinets.radius.radiusserver.