CHAP Problems
radius at kingmanaz.net
radius at kingmanaz.net
Thu Nov 24 13:42:28 CET 2005
I have tried to hire someone to help with my Radius over the last 6 month's
but have not been able to get it
working correctly.
I seem to be getting answers from my MySql database but when a CHAP request
comes in, it will not authorize and ells us Auth-Type already set. The
database
seems to be answering fine from local dialup, but when one comes in from
over
our Level3 network it errors out and won't allow them to connect.
I can provide a major city access number if that will help anyone for
testing also.
I'm also getting the run time error that it's using my realms file, but
there is nothing in that file as instructed.
I went to 1.0.5 and things improved a little that we started seeing the
response from the MySql database
but still nothing in CHAP. I'm sure I'm missing a setting somewhere because
of the Auth-Type warning.
If someone can actually help get this running that is well versed with
FreeRadius please give me a cost or if I
need to send the config files I can also do that.
Here is my debug print out.
Thanks
Waking up in 1 seconds...
rad_recv: Access-Request packet from host 216.127.146.29:61336, id=16,
length=231
User-Name = "awarren at surftheusa.com"
CHAP-Password = 0x01d84611071bc09d90932c0cb55f287648
NAS-IP-Address = 63.215.26.177
NAS-Port = 404
Service-Type = Framed-User
Framed-Protocol = PPP
Ascend-Data-Rate = 31200
Ascend-Calling-Id-Type-Of-Num = Unknown
Ascend-Calling-Id-Number-Plan = Unknown
Ascend-Xmit-Rate = 49333
Called-Station-Id = "9283774011"
Calling-Station-Id = "928-Deleted"
NAS-Identifier = "nas3.2az1.Level3.net"
Acct-Session-Id = "404029672"
NAS-Port-Type = Async
Ascend-NAS-Port-Format = 2_4_5_5
Vendor-7005-Attr-12 = 0x4469616c7570555341
Attr-102 = 0x6c33
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 14
hints: Matched other at 63
modcall[authorize]: module "preprocess" returns ok for request 14
radius_xlat: 'awarren'
rlm_sql (sql): sql_set_user escaped user --> 'awarren'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM
radcheck WHERE Username = 'awarren' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 2
rlm_sql_mysql: query: SELECT id, UserName, Attribute, Value, op
FROM radcheck WHERE Username = 'awarren' ORDER BY id
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'awarren' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
rlm_sql_mysql: query: SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'awarren' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM
radreply WHERE Username = 'awarren' ORDER BY id'
rlm_sql_mysql: query: SELECT id, UserName, Attribute, Value, op
FROM radreply WHERE Username = 'awarren' ORDER BY id
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'awarren' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql_mysql: query: SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'awarren' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id
rlm_sql (sql): Released sql socket id: 2
modcall[authorize]: module "sql" returns ok for request 14
rlm_chap: WARNING: Auth-Type already set. Not setting to CHAP
modcall[authorize]: module "chap" returns noop for request 14
rlm_realm: No '@' in User-Name = "awarren", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 14
users: Matched entry DEFAULT at line 174
users: Matched entry DEFAULT at line 205
modcall[authorize]: module "files" returns ok for request 14
modcall: group authorize returns ok for request 14
rad_check_password: Found Auth-Type Local
rad_check_password: Found Auth-Type System
Warning: Found 2 auth-types on request for user 'awarren'
auth: type "System"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 14
rlm_unix: Attribute "User-Password" is required for authentication. Cannot
use "CHAP-Password".
modcall[authenticate]: module "unix" returns invalid for request 14
modcall: group authenticate returns invalid for request 14
auth: Failed to validate the user.
Login incorrect: [awarren/<CHAP-Password>] (from client usa1 port 404 cli
9287572602)
Delaying request 14 for 1 seconds
Finished request 14
Going to the next request
Sending Access-Reject of id 14 to 216.127.146.30:56516
Waking up in 2 seconds...
rad_recv: Access-Request packet from host 216.127.146.30:56516, id=15,
length=231
User-Name = "awarren at surftheusa.com"
CHAP-Password = 0x0103a463bb5007b7eb6f49b6d4176c5386
NAS-IP-Address = 63.215.26.177
NAS-Port = 402
Service-Type = Framed-User
Framed-Protocol = PPP
Ascend-Data-Rate = 31200
Ascend-Calling-Id-Type-Of-Num = Unknown
Ascend-Calling-Id-Number-Plan = Unknown
Ascend-Xmit-Rate = 49333
Called-Station-Id = "9283774011"
Calling-Station-Id = "928-deleted"
NAS-Identifier = "nas3.2az1.Level3.net"
Acct-Session-Id = "404029734"
NAS-Port-Type = Async
Ascend-NAS-Port-Format = 2_4_5_5
Vendor-7005-Attr-12 = 0x4469616c7570555341
Attr-102 = 0x6c33
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 7
hints: Matched other at 63
modcall[authorize]: module "preprocess" returns ok for request 7
radius_xlat: 'awarren'
rlm_sql (sql): sql_set_user escaped user --> 'awarren'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM
radcheck WHERE Username = 'awarren' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 0
rlm_sql_mysql: query: SELECT id, UserName, Attribute, Value, op
FROM radcheck WHERE Username = 'awarren' ORDER BY id
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'awarren' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
rlm_sql_mysql: query: SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'awarren' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM
radreply WHERE Username = 'awarren' ORDER BY id'
rlm_sql_mysql: query: SELECT id, UserName, Attribute, Value, op
FROM radreply WHERE Username = 'awarren' ORDER BY id
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'awarren' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql_mysql: query: SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'awarren' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id
rlm_sql (sql): Released sql socket id: 0
modcall[authorize]: module "sql" returns ok for request 7
rlm_chap: WARNING: Auth-Type already set. Not setting to CHAP
modcall[authorize]: module "chap" returns noop for request 7
rlm_realm: No '@' in User-Name = "awarren", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 7
users: Matched entry DEFAULT at line 174
users: Matched entry DEFAULT at line 205
modcall[authorize]: module "files" returns ok for request 7
modcall: group authorize returns ok for request 7
rad_check_password: Found Auth-Type Local
rad_check_password: Found Auth-Type System
Warning: Found 2 auth-types on request for user 'awarren'
auth: type "System"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 7
rlm_unix: Attribute "User-Password" is required for authentication. Cannot
use "CHAP-Password".
modcall[authenticate]: module "unix" returns invalid for request 7
modcall: group authenticate returns invalid for request 7
auth: Failed to validate the user.
Login incorrect: [awarren/<CHAP-Password>] (from client usa1 port 402 cli
9287572602)
Delaying request 7 for 1 seconds
Finished request 7
Going to the next request
Waking up in 2 seconds...
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 2#Mime.822
Type: application/octet-stream
Size: 13133 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20051124/4dcacf16/attachment.obj>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: GWAVADAT.TXT
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20051124/4dcacf16/attachment.ksh>
More information about the Freeradius-Users
mailing list