| Hello all. Just started out with Freeradius and got it installed and working (Debian Etch, FR 1.1.4). Im hooked up our firewall to authenticate to FR-server and the "link" works, so i guess the basics are ok. Now i have added a user in the system and in the Users-file: test-system Auth-Type := System, User-Password == "test-system" Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Address = 10.0.5.7, Framed-IP-Netmask = 255.255.255.0, Framed-Routing = Broadcast-Listen, Framed-Filter-Id = "std.ppp", Framed-MTU = 1500, Fall-Through = yes, Framed-Compression = Van-Jacobsen-TCP-IP When i connect to my FR-server i get this: rad_recv: Access-Request packet from host 10.0.5.1:56509, id=132, length=182 NAS-Identifier = "halon" NAS-IP-Address = 10.0.5.1 Message-Authenticator = 0x3f0dd3b6a7a3fd31e874e22721f5073d NAS-Port = 0 NAS-Port-Type = Virtual Service-Type = Framed-User Framed-Protocol = PPP Calling-Station-Id = "10.0.8.184" User-Name = "test-system" MS-CHAP-Challenge = 0xbb1e68a886add6f65e6e9af66c709bfd MS-CHAP2-Response = 0x01000a3194599cecfe61460a4942c9671fe70000000000000000a5f8bab30f7bdf466407edd2d7be2e97969a1a918def8d2c Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 rlm_mschap: Found MS-CHAP attributes. Setting 'Auth-Type = mschap' modcall[authorize]: module "mschap" returns ok for request 0 rlm_realm: No '@' in User-Name = "test-system", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 0 users: Matched entry test-system at line 101 users: Matched entry DEFAULT at line 185 users: Matched entry DEFAULT at line 204 users: Matched entry DEFAULT at line 216 modcall[authorize]: module "files" returns ok for request 0 modcall: leaving group authorize (returns ok) for request 0 rad_check_password: Found Auth-Type System auth: type "System" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 0 rlm_unix: Attribute "User-Password" is required for authentication. modcall[authenticate]: module "unix" returns invalid for request 0 modcall: leaving group authenticate (returns invalid) for request 0 auth: Failed to validate the user. Login incorrect: [test-system/<no User-Password attribute>] (from client halon port 0 cli 10.0.8.184) Delaying request 0 for 1 seconds Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Sending Access-Reject of id 132 to 10.0.5.1 port 56509 Waking up in 4 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 132 with timestamp 465ab8d7 So, my firewall talks MS_CHAP, i haven't touched the radiusd.conf and its in there under authenticate {.. Now im stuck, i really don't know where else to look for, tried google but everything pointed to this wonderful list! I tried to change auth-type = Local but same problem. Maybe the problem lies here: rlm_realm: No '@' in User-Name = "test-system", looking up realm NULL rlm_realm: No such realm "NULL" But i can't tell. Any thoughts, solutions, pointers to right directions are greatly appreciated! Many thanks. p |