Rép. : Re: Auth problem's with Nortel baystack

It work well!


Thanks all for your answer!

Francis Provencher
Ministère de la Sécurité publique du Québec
Direction des technologies de l'information
Division de la sécurité informatique
Tél: 1 418 646-3258
BlackBery; 1 418 473 6419
Courriel:   Francis.provencher@Msp.gouv.qc.ca

CEH - Certified Ethical Hackers
SSCP - System Security Certified Practitionner
Sec+ - Security +


>>> "Ivan Kalik" <tnt@kalik.net> 2008-04-04 15:57 >>>
You need Service-Type = Administrative-User in reply as well. Add that
to
user entry.

Ivan Kalik
Kalik Informatika ISP


Dana 4/4/2008, "FRANCIS PROVENCHER"
<francis.provencher@msp.gouv.qc.ca>
pi*e:

>Hi all,
>
>I'm sorry if i'm double posting (Im not sure if the first message was
>sent correctly..Sorry if it's the second time you received this
>message..)
>
>When i connect with unix/localuser via telnet on my baystack switch i
>received message (Access Denied from Radius server)
>
>I take a look on log's from radius server and i see this;
>
>
>
>rad_recv: Access-Request packet from host 192.168.1.210 port 2048,
>id=13, length=59
>        NAS-IP-Address = 192.168.1.210
>        User-Password = "********"
>        Service-Type = Administrative-User
>        User-Name = "francis"
>+- entering group authorize
>++[preprocess] returns ok
>++[chap] returns noop
>++[mschap] returns noop
>    rlm_realm: No '@' in User-Name = "francis", looking up realm NULL
>    rlm_realm: No such realm "NULL"
>++[suffix] returns noop
>  rlm_eap: No EAP-Message, not doing EAP
>++[eap] returns noop
>++[unix] returns updated
>++[files] returns noop
>++[expiration] returns noop
>++[logintime] returns noop
>++[pap] returns updated
>  rad_check_password:  Found Auth-Type
>auth: type "PAP"
>+- entering group PAP
>rlm_pap: login attempt with password "***********"
>rlm_pap: Using CRYPT encryption.
>rlm_pap: User authenticated successfully
>++[pap] returns ok
>Login OK: [francis/*********] (from client switch port 0)
>Sending Access-Accept of id 13 to 192.168.1.210 port 2048
>Finished request 0.
>Going to the next request
>Waking up in 0.9 seconds.
>Waking up in 3.9 seconds.
>Cleaning up request 0 ID 13 with timestamp +970
>Ready to process requests.
>
>Some one understand what is going wrong with this?
>Why i cannot log on the switch if the username/password is ok an
>authenticate?
>
>Thanks for your help.
>
>
>Francis Provencher
>Minist*re de la Sécurité publique du Québec
>Direction des technologies de l'information
>Division de la sécurité informatique
>Tél: 1 418 646-3258
>BlackBery; 1 418 473 6419
>Courriel:   Francis.provencher@Msp.gouv.qc.ca 
>
>CEH - Certified Ethical Hackers
>SSCP - System Security Certified Practitionner
>Sec+ - Security +
>
>
>

-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html

BEGIN:VCARD
VERSION:2.1
X-GWTYPE:USER
FN:FRANCIS PROVENCHER
ORG:;DGSG/DTI
EMAIL;WORK;PREF;NGW:PROF01.SPSSO410@msp.gouv.qc.ca
N:PROVENCHER;FRANCIS
END:VCARD
This archive was generated by a fusion of Pipermail (Mailman edition) and MHonArc.