# Chillispot client did not get IP from server



## ryuusoultaker (Oct 19, 2011)

I have a server that installed with FreeRadius and the kernel already compiled so i can enable the PF. I have done all of the configuration and no error shown but I don't know why the client still can not get IP address from the server.
this is the configuration i use.

pf.conf

```
#
# Basic Chillispot PF Config
# A tweak of Example 1 from the PF FAQ
# [url]http://www.openbsd.org/faq/pf/example1.html[/url]
# By Venture37 
# [email]venture37@geeklan.co.uk[/email]
# [url]http://www.geeklan.co.uk[/url]

# macros
int_if = "em0"
ext_if = "em1"
chilli_if = "tun0"

tcp_services = "{ 25, 53, 80, 110, 113, 143, 443  }"
icmp_types = "echoreq"

priv_nets = "{ 127.0.0.0/8, 192.168.0.0/24, 192.168.1.0/24, 192.168.10.0/24 }"
        
# options
set block-policy return
set loginterface $ext_if

# scrub
scrub in all

# nat/rdr
nat on $ext_if from $chilli_if:network to any -> ($ext_if)

# filter rules
block all

pass quick on lo0 all

pass out quick on $inf_if proto tcp from any port $tcp_services to any keep state
pass in quick on $inf_if proto tcp from any to any port $tcp_services keep state

block drop in  quick on $ext_if from $priv_nets to any
block drop out quick on $ext_if from any to $priv_nets
block drop on $int_if all

pass in on $ext_if inet proto tcp from any to ($ext_if) \
   port $tcp_services flags S/SA keep state

pass in inet proto icmp all icmp-type $icmp_types keep state

pass in  on $chilli_if from $chilli_if:network to any keep state
pass out on $chilli_if from any to $chilli_if:network keep state

pass out on $ext_if proto tcp all modulate state flags S/SA
pass out on $ext_if proto { udp, icmp } all keep state
```

This is the configuration for chilli.conf

```
#TAG: fg
#fg

# TAG: debug
#debug

# TAG: interval
#interval 3600

# TAG: pidfile
#pidfile /var/run/chilli.pid

# TAG: statedir
#statedir ./


# TUN parameters

# TAG: net
net 192.168.182.0/24

# TAG: dynip
dynip 192.168.182.0/24

# TAG: statip
statip 192.168.182.0/24

# TAG: dns1
#dns1 172.16.0.5

# TAG: dns2
#dns2 172.16.0.6

# TAG: domain
#domain key.chillispot.info

# TAG: ipup
#ipup /etc/chilli.ipup

# TAG: ipdown
#ipdown /etc/chilli.ipdown

# Radius parameters

# TAG: radiuslisten
#radiuslisten 127.0.0.1

# TAG: radiusserver1
radiusserver1 127.0.0.1

# TAG: radiusserver2
radiusserver2 127.0.0.1

# TAG: radiusauthport
#radiusauthport 1812

# TAG: radiusacctport
#radiusacctport 1813

# TAG: radiussecret
radiussecret rainbow

# TAG: radiusnasid
#radiusnasid nas01

# TAG: radiuslocationid
#radiuslocationid isocc=us,cc=1,ac=408,network=ACMEWISP_NewarkAirport

# TAG: radiuslocationname
#radiuslocationname ACMEWISP,Gate_14_Terminal_C_of_Newark_Airport


# Radius proxy parameters

# TAG: proxylisten
#proxylisten 10.0.0.1

# TAG: proxyport
#proxyport 1645

# TAG: proxyclient
#proxyclient 10.0.0.1/24

# TAG: proxysecret
#proxysecret testing123

# DHCP Parameters
# TAG: dhcpif
dhcpif rl0

# TAG: dhcpmac
#dhcpmac 00:00:5E:00:02:00

# TAG: lease
#lease 600


# Universal access method (UAM) parameters
# TAG: uamserver
uamserver [url]http://192.168.182.1/cgi-bin/hotspotlogin.cgi[/url]

# TAG: uamhomepage
#uamhomepage [url]http://192.168.182.1/welcome.html[/url]

# TAG: uamsecret
#uamsecret ht2eb8ej6s4et3rg1ulp

# TAG: uamlisten
#uamlisten 192.168.182.1

# TAG: uamport
#uamport 3990

# TAG: uamallowed
#uamallowed [url]www.chillispot.org,10.11.12.0/24[/url]

# TAG: uamanydns
#uamanydns

# MAC authentication
# TAG: macauth
#macauth

# TAG: macallowed
#macallowed 00-0A-5E-AC-BE-51,00-30-1B-3C-32-E9

# TAG: macpasswd
#macpasswd password

# TAG: macsuffix
#macsuffix suffix
```

I think all of them works fine because when I use [cmd=]$ cat /etc/services | grep radius[/cmd] it gives a reply 

```
# IMPORTANT NOTE: Ports 1645/1646 are the traditional radius ports used by
#radius         1645/udp   #RADIUS authentication protocol (old)
radius          1812/udp   #RADIUS authentication protocol (IANA sanctioned)
```

when I test the radius with [cmd=]radtest jancuk jancuk12345 localhost 1812 s3cr3t[/cmd] it gives an answer

```
Sending Access-Request of id 188 to 127.0.0.1 port 1812
        User-Name = "jancuk"
        User-Password = "jancuk12345"
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 1812
rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=250, length=106
        Class = 0x30373032333435363738
        Session-Timeout = 3600
        Idle-Timeout = 600
        Acct-Interim-Interval = 60
        WISPr-Redirection-URL = "http://www.geeklan.co.uk"
        WISPr-Bandwidth-Max-Up = 128000
        WISPr-Bandwidth-Max-Down = 512000
```

and when I check the status of chillispot with [cmd=]/usr/local/etc/rc.d/chillispot status[/cmd] it gives an answer

```
chillispot is running as pid 1620
```

So can anybody help me with this situation? Because I really don't know why the client can get an IP address from the server. I used Linksys WRT54GL as the AP and I have turned off the dhcp client from the AP.

Best regards,
Ryuu


----------

