Auth problem's with Nortel baystack

Ivan Kalik tnt at kalik.net
Fri Apr 4 21:57:23 CEST 2008


You need Service-Type = Administrative-User in reply as well. Add that to
user entry.

Ivan Kalik
Kalik Informatika ISP


Dana 4/4/2008, "FRANCIS PROVENCHER" <francis.provencher at msp.gouv.qc.ca>
piše:

>Hi all,
>
>I'm sorry if i'm double posting (Im not sure if the first message was
>sent correctly..Sorry if it's the second time you received this
>message..)
>
>When i connect with unix/localuser via telnet on my baystack switch i
>received message (Access Denied from Radius server)
>
>I take a look on log's from radius server and i see this;
>
>
>
>rad_recv: Access-Request packet from host 192.168.1.210 port 2048,
>id=13, length=59
>        NAS-IP-Address = 192.168.1.210
>        User-Password = "********"
>        Service-Type = Administrative-User
>        User-Name = "francis"
>+- entering group authorize
>++[preprocess] returns ok
>++[chap] returns noop
>++[mschap] returns noop
>    rlm_realm: No '@' in User-Name = "francis", looking up realm NULL
>    rlm_realm: No such realm "NULL"
>++[suffix] returns noop
>  rlm_eap: No EAP-Message, not doing EAP
>++[eap] returns noop
>++[unix] returns updated
>++[files] returns noop
>++[expiration] returns noop
>++[logintime] returns noop
>++[pap] returns updated
>  rad_check_password:  Found Auth-Type
>auth: type "PAP"
>+- entering group PAP
>rlm_pap: login attempt with password "***********"
>rlm_pap: Using CRYPT encryption.
>rlm_pap: User authenticated successfully
>++[pap] returns ok
>Login OK: [francis/*********] (from client switch port 0)
>Sending Access-Accept of id 13 to 192.168.1.210 port 2048
>Finished request 0.
>Going to the next request
>Waking up in 0.9 seconds.
>Waking up in 3.9 seconds.
>Cleaning up request 0 ID 13 with timestamp +970
>Ready to process requests.
>
>Some one understand what is going wrong with this?
>Why i cannot log on the switch if the username/password is ok an
>authenticate?
>
>Thanks for your help.
>
>
>Francis Provencher
>Ministčre de la Sécurité publique du Québec
>Direction des technologies de l'information
>Division de la sécurité informatique
>Tél: 1 418 646-3258
>BlackBery; 1 418 473 6419
>Courriel:   Francis.provencher at Msp.gouv.qc.ca
>
>CEH - Certified Ethical Hackers
>SSCP - System Security Certified Practitionner
>Sec+ - Security +
>
>
>




More information about the Freeradius-Users mailing list