TechQA.

How to change Freeradius3 default port(auth1812 & Account1813)

16.7k views Asked by At

I am using freeradius3.0.4. I need to change the default port(1812,1813) to 18120 and 18130. I don't know where it is. Please help! there is no port setting in the main conf.

port freeradius
Original Q&A
3

There are 3 answers

1
Jason.Liu On

Change the port under /etc/service.

0
Fipsi On

The port number is defined in /etc/freeradius/3.0/sites-enabled/default:

server default {
    listen {
        type = auth
        ipaddr = *
        port = 0
        
        limit {
            max_connections = 16
            lifetime = 0
            idle_timeout = 30
        }
    }
    
    listen {
        ipaddr = *
        port = 0
        type = acct
        
        limit {

        }
    }

    ... more configuration
}

As you can see the configured port is 0. This just means it'll use the FreeRADIUS default port which is 1812/1813 (auth/acct).

If you want to change these port numbers, change them in the above file and run systemctl restart freeradius

If you want to run 2 RADIUS sessions in parallel you'd have to cp -rp /etc/freeradius /etc/freeradius2 and start a second RADIUS process with freeradius -X -d /etc/freeradius2

Hope I could help, I also had this issue

Edits:

0 means that it will use the port defined in /etc/services (by default is 1812)

  • Instead of freeradius -X -c ... use freeradius -X -d ... to use a custom directory

  • Use cp -rp ... because otherwise the permissions would change and FreeRADIUS wouldn't work anymore

0
Nagev On

This is what I get on freeRADIUS Version 3.0.16:

$ sudo freeradius -X -i 0.0.0.0 -p 1850

radiusd: #### Opening IP addresses and Ports ####
Listening on auth address * port 1850
Listening on acct address * port 1851
Listening on proxy address * port 56033
Ready to process requests

From man freeradius:

   -p port
          Defines which port is used for receiving authentication packets.  Accounting packets are received on "port + 1".

          When this command-line option is given, all "listen" sections in radiusd.conf are ignored.

          This option MUST be used in conjunction with "-i".

So if you'd like to make the changes permanent, it seems that you need to add a "listen" section to your configuration file with the appropriate parameters (didn't have time to look up the exact syntax).

Also note the constraint that the accounting port is always going to be the authentication port plus one. If you really must modify this behavior on freeRADIUS you might have to change the source code and build your own version.

Related Questions in PORT

Related Questions in FREERADIUS

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions