Radius Incoming

nazemg · May 21, 2005, 12:34pm

Radius incoming feature in 2.9.

Can anyone explain what its for, and is it working?

Many thanks

cmit · May 23, 2005, 6:38am

It’s for actively disconnecting PPP-type sessions from a RADIUS server - I think in FreeRadius the corresponding script is called “radclient”…

sgocken · May 24, 2005, 5:17pm

Has anyone been able to do anything with incoming Radius?

As far as I can tell i won’t do anything.

Running 2.9rc4

incoming radius is turned on on port 1700
port 1700 is NOT open on the box. I can’t add a new service to open the port on the box.

No firewall rules at all, so it isn’t being blocked.

Telneting to the port give connection refused.

The 2.9 docs don’t have the radius page written yet, so no help there. Any insight would be very handy.

edzix · June 2, 2005, 12:43pm

the port should be opened by default, double check your firewall filters.

The /incoming feature works fine. Refer to ‘man radclient’ for more instructions.

Edgars

eflanery · June 2, 2005, 11:58pm

Hmm, how is the Shared Secret determined for incoming access?

I can get radclient to send to the MikroTik, and the MikroTik increments the “Bad Requests” counter, but I can’t seem to figure out what the Shared Secret should be.

The MT doesn’t have an option to set it in /radius incoming, either in WinBox or the command line.

Nor does the Shared Secret specified in /radius (for the server I’m trying from) work.

I’m at a loss (at least until documentation is available).

Any ideas?

Thanks,
–Eric

edzix · June 6, 2005, 3:42pm

Eric,

follow this scenario:

echo "User-Name := test" | radclient <router-ip-addr> disconnect <secret>

[/code]

eflanery · June 6, 2005, 5:46pm

Still did not work, until I downgraded to 2.8.27, and re-upgraded to 2.9rc4. Now it works, along with a firewall jump rule I was having issues with. Weird.

The secret specified in /radius, for the server I was running radclient on, works now.

–Eric