Have some questions - new to FreeRadius

Ivan Kalik tnt at kalik.net
Fri Apr 25 18:57:12 CEST 2008


Server needs a username and password stored somewhere in order to compare
with ones in the request. It doesn't work without it. Add entry for you
test user to users file and try again.

Ivan Kalik
Kalik informatika ISP


Dana 25/4/2008, "thekat" <thekewlcat at gmail.com> piše:

>I have not yet created the users file, just using the default one for
>testing..
>It is the standard client.conf (apologize if this is not what you are asking
>for)
>
>Some additional notes:
>All user accounts /passwords will be on the Radius Server, FirePass just
>talks to the Radius server.
>
>Here is the output from /local/sbin/radiusd -X
>---
>sm1gw1# /local/sbin/radiusd -X
>Starting - reading configuration files ...
>reread_config:  reading radiusd.conf
>Config:   including file: /usr/local/etc/raddb/proxy.conf
>Config:   including file: /usr/local/etc/raddb/clients.conf
>Config:   including file: /usr/local/etc/raddb/snmp.conf
>Config:   including file: /usr/local/etc/raddb/eap.conf
>Config:   including file: /usr/local/etc/raddb/sql.conf
> main: prefix = "/usr/local"
> main: localstatedir = "/usr/local/var"
> main: logdir = "/usr/local/var/log/radius"
> main: libdir = "/usr/local/lib"
> main: radacctdir = "/usr/local/var/log/radius/radacct"
> main: hostname_lookups = no
> main: snmp = no
> main: max_request_time = 30
> main: cleanup_delay = 5
> main: max_requests = 1024
> main: delete_blocked_requests = 0
> main: port = 0
> main: allow_core_dumps = no
> main: log_stripped_names = no
> main: log_file = "/usr/local/var/log/radius/radius.log"
> main: log_auth = no
> main: log_auth_badpass = no
> main: log_auth_goodpass = no
> main: pidfile = "/usr/local/var/run/radiusd/radiusd.pid"
> main: user = "(null)"
> main: group = "(null)"
> main: usercollide = no
> main: lower_user = "no"
> main: lower_pass = "no"
> main: nospace_user = "no"
> main: nospace_pass = "no"
> main: checkrad = "/usr/local/sbin/checkrad"
> main: proxy_requests = yes
> proxy: retry_delay = 5
> proxy: retry_count = 3
> proxy: synchronous = no
> proxy: default_fallback = yes
> proxy: dead_time = 120
> proxy: post_proxy_authorize = no
> proxy: wake_all_if_all_dead = no
> security: max_attributes = 200
> security: reject_delay = 1
> security: status_server = no
> main: debug_level = 0
>read_config_files:  reading dictionary
>read_config_files:  reading naslist
>Using deprecated naslist file.  Support for this will go away soon.
>read_config_files:  reading clients
>read_config_files:  reading realms
>radiusd:  entering modules setup
>Module: Library search path is /usr/local/lib
>Module: Loaded exec
> exec: wait = yes
> exec: program = "(null)"
> exec: input_pairs = "request"
> exec: output_pairs = "(null)"
> exec: packet_type = "(null)"
>rlm_exec: Wait=yes but no output defined. Did you mean output=none?
>Module: Instantiated exec (exec)
>Module: Loaded expr
>Module: Instantiated expr (expr)
>Module: Loaded PAP
> pap: encryption_scheme = "crypt"
> pap: auto_header = no
>Module: Instantiated pap (pap)
>Module: Loaded CHAP
>Module: Instantiated chap (chap)
>Module: Loaded MS-CHAP
> mschap: use_mppe = yes
> mschap: require_encryption = no
> mschap: require_strong = no
> mschap: with_ntdomain_hack = no
> mschap: passwd = "(null)"
> mschap: ntlm_auth = "(null)"
>Module: Instantiated mschap (mschap)
>Module: Loaded System
> unix: cache = no
> unix: passwd = "(null)"
> unix: shadow = "(null)"
> unix: group = "(null)"
> unix: radwtmp = "/usr/local/var/log/radius/radwtmp"
> unix: usegroup = no
> unix: cache_reload = 600
>Module: Instantiated unix (unix)
>Module: Loaded eap
> eap: default_eap_type = "md5"
> eap: timer_expire = 60
> eap: ignore_unknown_eap_types = no
> eap: cisco_accounting_username_bug = no
>rlm_eap: Loaded and initialized type md5
>rlm_eap: Loaded and initialized type leap
> gtc: challenge = "Password: "
> gtc: auth_type = "PAP"
>rlm_eap: Loaded and initialized type gtc
> mschapv2: with_ntdomain_hack = no
>rlm_eap: Loaded and initialized type mschapv2
>Module: Instantiated eap (eap)
>Module: Loaded preprocess
> preprocess: huntgroups = "/usr/local/etc/raddb/huntgroups"
> preprocess: hints = "/usr/local/etc/raddb/hints"
> preprocess: with_ascend_hack = no
> preprocess: ascend_channels_per_line = 23
> preprocess: with_ntdomain_hack = no
> preprocess: with_specialix_jetstream_hack = no
> preprocess: with_cisco_vsa_hack = no
> preprocess: with_alvarion_vsa_hack = no
>Module: Instantiated preprocess (preprocess)
>Module: Loaded realm
> realm: format = "suffix"
> realm: delimiter = "@"
> realm: ignore_default = no
> realm: ignore_null = no
>Module: Instantiated realm (suffix)
>Module: Loaded files
> files: usersfile = "/usr/local/etc/raddb/users"
> files: acctusersfile = "/usr/local/etc/raddb/acct_users"
> files: preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users"
> files: compat = "no"
>Module: Instantiated files (files)
>Module: Loaded Acct-Unique-Session-Id
> acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address,
>Client-IP-Address, NAS-Port"
>Module: Instantiated acct_unique (acct_unique)
>Module: Loaded detail
> detail: detailfile =
>"/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
> detail: detailperm = 384
> detail: dirperm = 493
> detail: locking = no
>Module: Instantiated detail (detail)
>Module: Loaded radutmp
> radutmp: filename = "/usr/local/var/log/radius/radutmp"
> radutmp: username = "%{User-Name}"
> radutmp: case_sensitive = yes
> radutmp: check_with_nas = yes
> radutmp: perm = 384
> radutmp: callerid = yes
>Module: Instantiated radutmp (radutmp)
>Listening on authentication *:1812
>Listening on accounting *:1813
>Ready to process requests.
>
>




More information about the Freeradius-Users mailing list