Radiusd server not serving the request - radius

I have set up a radiud server on centos 6.8 and I have a switch that I want to call this radius server for authentication. The switch ip address is 10.2.1.4 which is there in the clients config file. Here is the part of my client conf file
client switch {
ipaddr = 10.2.1.4
secret = testing123
nastype = other
}
Below is the error that I am getting
... adding new socket proxy address * port 55146
Listening on authentication address * port 1812
Listening on accounting address * port 1813
Listening on command file /var/run/radiusd/radiusd.sock
Listening on authentication address 127.0.0.1 port 18120 as server inner-
tunnel
Listening on proxy address * port 1814
Ready to process requests.
Ignoring request to authentication address * port 1812 from unknown client
10.2.1.4 port 1037
Ready to process requests.
Can anyone please help me here?

Related

curl request to cluster node port hangs on initializing NSS with certpath

I am attempting to make a local request to the kubernetes cluster that is hosted on my server, the cluster's NodePort is listening at the following address 172.20.120.1:30280. External client in production are required to make requests to 172.20.0.1:8000 (this cannot change), so I am attempting to add a DNAT rule to nat the traffic from:
172.20.0.1:8000 -> 172.20.120.1:30280 (k8s NodePort)
I am able to make curl request to 172.20.120.1:30280 directly and get a successful response back. However, when I make a curl request to 172.20.0.1:8000 it just hangs with the following message:
# curl -vvvk https://172.20.0.1:8000/v1/my-api
* About to connect() to 172.20.0.1 port 8000 (#0)
* Trying 172.20.0.1...
* Connected to 172.20.0.1 (172.20.0.1) port 8000 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
And then it eventually times out with the following error:
...
* NSS error -5961 (PR_CONNECT_RESET_ERROR)
* TCP connection reset by peer
* Closing connection 0
curl: (35) TCP connection reset by peer
When I make a request directly to 172.20.120.1:30280 I don't get that cert error and it works. I get a successful response back.
Does anyone know why I am getting that cert error?

LibGDX: Error making a socket connection to *ip-adress*

I want to make 2 devices communicate via sockets.
I use this code for the client socket:
Socket socket = Gdx.net.newClientSocket(Net.Protocol.TCP, adress, 1337, socketHints);
(SocketHints: timeout = 4000)
I get a GdxRuntimeException each time this line is being executed. What is wrong with the socket?
Screenshot of stack trace
You get that message because the socket couldn't be opened.
Note the last line about the return in the API:
newClientSocket:
Socket newClientSocket(Net.Protocol protocol,
java.lang.String host,
int port,
SocketHints hints)
Creates a new TCP client socket that connects to the given host and port.
Parameters:
host - the host address
port - the port
hints - additional SocketHints used to create the socket. Input null to use the default setting provided by the system.
Returns:
GdxRuntimeException in case the socket couldn't be opened
Try doing some debugging to find out why you are getting this error.
Is the port already in use? Are you trying to open more than one connection on the same port? Is the server IP valid? Maybe something else is causing the issue?

Remote Kafka JMX - Connection refused

I am running kafka10 on a remote server and the JMX is enabled on port 9999.
JMX URL :- service:jmx:rmi:///jndi/rmi://kafka_host:9999/jmxrmi
When i try to connect to the JMX from my local network, it works fine and getting response within few secs.
But when i try to connect from my test servers, we get connection refused.
The ACL is opened from this host to the kafka host on port 9999.
Application code,
TopicJMXMetrics jmxMetrics = new TopicJMXMetrics();
JMXServiceURL serviceURL = new JMXServiceURL(jmxUrl);
JMXConnector connector = JMXConnectorFactory.connect(serviceURL, null);
MBeanServerConnection connection = connector.getMBeanServerConnection();
Is there any other setting required from Kafka or on the Application Side? Or, any other port to be opened
Thanks

Setting up Meteor Email with AWS SMTP

This Meteor server code tries to send email from the server start up.
The steps I followed after reading the AWS docs are:
1) Verify an email address which is also on AWS webMail.
2) Applied to increase sending limits.
3) Created and received SMTP credentials.
Meteor 1.4.4.2
email#1.2.1
//server/main.js
smtp = {
'username': 'from smtp credentials',
'password': 'from smtp credentials',
'host': 'email-smtp.us-east-1.amazonaws.com',
'port': '465',
'auth': true
};
process.env.MAIL_URL = 'smtp://' + encodeURIComponent(smtp.username) + ':' + encodeURIComponent(smtp.password) + '#' + encodeURIComponent(smtp.outgoingServer) + ':' + smtp.outgoingPort;
Meteor.startup(() => {
Email.send({
to: 'my-aws-verified-email#comp.com',
subject: 'sending-to-myselft',
text: 'Just checking if it is working'
});
});
Error: getaddrinfo ENOTFOUND undefined undefined:587
Any idea how to get it to work? thx
edit
After changing the process.env.MAIL_URL value to:
process.env.MAIL_URL = 'smtp://' + encodeURIComponent(smtp.username) +
':' + encodeURIComponent(smtp.password) +
'#' + encodeURIComponent(smtp.host) +
':' + smtp.auth + ':' + smtp.port;
The error now is:
Error: Greeting never received
changing the port to "587" gives a different error:
Error: Mail command failed: 501 Invalid MAIL FROM address provided
telnet email-smtp.us-east-1.amazonaws.com 465
Trying 107.21.244.69...
Connected to ses-smtp-prod-335357831.us-east-1.elb.amazonaws.com.
Escape character is '^]'.
Connection closed by foreign host.
telnet email-smtp.us-east-1.amazonaws.com 2465
Trying 54.221.247.194...
Connected to ses-smtp-prod-335357831.us-east-1.elb.amazonaws.com.
Escape character is '^]'.
Connection closed by foreign host.
telnet email-smtp.us-east-1.amazonaws.com 25
Trying 54.243.106.227...
telnet: connect to address 54.243.106.227: Connection refused
Trying 107.21.244.69...
telnet: connect to address 107.21.244.69: Connection refused
Trying 23.21.91.54...
telnet: connect to address 23.21.91.54: Connection refused
Trying 50.19.94.229...
telnet: connect to address 50.19.94.229: Connection refused
Trying 54.235.77.145...
telnet: connect to address 54.235.77.145: Connection refused
Trying 54.243.97.84...
telnet: connect to address 54.243.97.84: Connection refused
Trying 23.23.104.248...
telnet: connect to address 23.23.104.248: Connection refused
Trying 54.221.247.194...
telnet: connect to address 54.221.247.194: Connection refused
telnet: Unable to connect to remote host
telnet email-smtp.us-east-1.amazonaws.com 587
Trying 54.221.247.194...
Connected to ses-smtp-prod-t5t357831.us-east-1.elb.amazonaws.com.
Escape character is '^]'.
220 email-smtp.amazonaws.com ESMTP SimpleEmailService-1110753669 CalqM0Qfzgny2ooZ0wo5
421 Timeout waiting for data from client.
Connection closed by foreign host.
telnet email-smtp.us-east-1.amazonaws.com 2587
Trying 23.23.104.248...
Connected to ses-smtp-prod-337800831.us-east-1.elb.amazonaws.com.
Escape character is '^]'.
220 email-smtp.amazonaws.com ESMTP SimpleEmailService-20753669yy 4qrIfUj4ApTwkj4ZJUNa
421 Timeout waiting for data from client.
Connection closed by foreign host.
You were troubleshooting two simultaneous issues, and when you fixed one of them, it wasn't obvious that you were making progress, because then you encountered the other.
For outbound email, SES listens on two sets of ports.
STARTTLS on the standard port 587, the traditional (but wrong) port 25, and an unprivileged port 2587.
TLS Wrapper on the standard port 465, and an unprivileged port 2465.
The difference between the two sets is how the SSL (TLS) is negotiated. With STARTTLS, the server talks first and the client asks that the connection switch to encrypted mode... while with TLS Wrapper, the connection starts out with TLS but the client talks first, initiating TLS negotiation.
Clearly, from these descriptions, using a TLS Wrapper port when the client anticipates using STARTTLS will result in a timeout, since both sides are waiting for the other side to talk.
Port 25 is not a winner, since EC2 has aggressive rate limiting enabled by default, to prevent the obvious spam problem that would otherwise happen. You can ask for this to be disabled by submitting a support request, but the simplest solution is to just use port 587.
http://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-connect.html
Then, your client wasn't setting a sender address, since no from address was being specified.

xrdp with sesman for port redirection

I am using xrdp in Centos.
1) in /etc/xrdp/xrdp.ini I set the port to -1
[xrdp1]
name=sesman-Xvnc
lib=libvnc.so
username=ask
password=ask
ip=127.0.0.1
port=-1
This is ok. I can login with my user and password.
1) in /etc/xrdp/sesman.ini I want to redirect to port 5902
port 5902: where my vncserver is already running in Xinetd.
How would you configure the sesman.ini to connect to these port 5902?
try to config /etc/xrdp/xrdp.ini, and set port as 5902
[xrdp1]
name=sesman-Xvnc
lib=libvnc.so
username=ask
password=ask
ip=127.0.0.1
port=5902