Categories
blog network server windows

FreeRadius.net service doesn’t work

The FreeRadius.net package built for windows uses the XYZservice.exe wrapper tool to start a normal application as a service. However on Windows 2008 and higher the service starts but RADIUS is not listening on the configured ports. You can check if it is listening with netstat.
netstat -an | findstr 1812

The Debug mode of FreeRadius.net (using the provided batch file) however works fine. It seems the built radiusd.exe will not start with the default options on Windows 2008 and higher. You can check this by manually starting from a command prompt:
C:\FreeRADIUS.net\bin\radiusd.exe -f -d C:/FreeRADIUS.net/etc/raddb
So that is the reason why the service doesn’t start.

Solution: COnfigure the XYZservice to start the application with the debug parameters.
Edit C:\FreeRADIUS.net\bin\XYZservice.ini
change:
CommandLine = C:\FreeRADIUS.net\bin\radiusd.exe -d C:/FreeRADIUS.net/etc/raddb -AX

Now if you start the FreeRadius.net service and check with netstat you will see the RADIUSD.exe listening

Categories
blog howto network virtualization windows

Delete or show hidden no longer active or present network adapters Device Manager

Open a command prompt. Start: RUN -> CMD (OK)
At the prompt type:
set devmgr_show_nonpresent_devices=1
At the prompt type:
start devmgmt.msc
In the menu view, click on “Show hidden devices”.
Now go to network adapters and uninstall the ones that you were looking to uninstall, it will be greyed out.

Categories
blog howto network

VPN tunnel between Netscreen and Cisco

Recently I had some troubles setting up a VPN between a Netscreen and a Cisco device from the remote party.

We had agreed upon a Preshared Key and 3DES/SHA1 encryption/hash algorithms using main mode and DH group 2. The Cisco side had added group 2 to their isamkp setting but they could not add the same group command to the transform command so my Phase2 had NOPFS set while my Phase1 was DH group 2.

The tunnel still did not come up, debugging was not useful as it was the Netscreen that initiated the tunnel every time and the log just showed an answer from the Cisco with “no proposal chosen”. After looking into their config and a hint on the internet, I configured the proxyID on the tunnel with local address = my WAN IP and remote address = their WAN IP. And that did the trick, tunnel was up.

Categories
blog network

FORTIGATE : Static routes must have lower distance then default GW

Had this problem on a Fortigate 60B & 60C. Static routes did not work as expected.
The static route did not work until the distance was set to 1 which is lower than the 0.0.0.0 default route who has distance 10. Maybe this is not a bug, but intended behaviour. On Netscreen the 0.0.0.0 default route is always the last to be applied and all other static routes go first.