Help, authentication problems!!
miha-
miha_zoubek at hotmail.com
Mon Dec 6 08:23:28 CET 2010
Hello,
I am having problems with authentication. I chacked secret on NAS and on
Radius server. Bouth are some but the radius is keep telling to check the
secret.
What could be worng or I am missing ?
Thanks!!!
This is configuration on nas.
##----- Activate RADIUS connection
setProperty com.centile.connectors.aaa.watchdog.enable false
setProperty com.centile.connectors.aaa radius
setProperty com.centile.connectors.aaa.localserv intraswitch
setProperty com.centile.connectors.aaa.localpass b (secret)
setProperty com.centile.connectors.aaa.remotserv 1.2.3.4
setProperty com.centile.connectors.aaa.remotport 1812
setProperty com.centile.connectors.aaa.calltype any
--
This is in cliente.cong
client 212.13.228.58 {
secret = b
shortname = intraswitch
nastype = cisco
1. Sample
If I typed wrong pass in sql for user authentication I see password from
user connection (12345) but it is wrong (12 in sql).
In sample 2 I put right pass in sql for user, but you can see that is the
radius is showing me that is encrypted and saying me WARNING: Unprintable
characters in the password. Double-check the shared secret on the
server and the NAS! . why?
1.
Found Auth-Type = PAP
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group PAP {...}
[pap] login attempt with password "12345"
[pap] Using clear text password "12"
[pap] Passwords don't match
++[pap] returns reject
Failed to authenticate the user.
Using Post-Auth-Type Reject
# Executing group from file
2.
ap] returns noop
[sql] expand: %{User-Name} -> 081609000
[sql] sql_set_user escaped user --> '081609000'
rlm_sql (sql): Reserving sql socket id: 1
[sql] expand: SELECT id, username, attribute, value, op FROM
radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id
-> SELECT id, username, attribute, value, op FROM radcheck
WHERE username = '081609000' ORDER BY id
[sql] User found in radcheck table
[sql] expand: SELECT id, username, attribute, value, op FROM
radreply WHERE username = '%{SQL-User-Name}' ORDER BY id
-> SELECT id, username, attribute, value, op FROM radreply
WHERE username = '081609000' ORDER BY id
[sql] expand: SELECT groupname FROM radusergroup WHERE
username = '%{SQL-User-Name}' ORDER BY priority -> SELECT
groupname FROM radusergroup WHERE username = '081609000'
ORDER BY priority
[sql] expand: SELECT id, groupname, attribute, Value, op
FROM radgroupcheck WHERE groupname = '%{Sql-Group}'
ORDER BY id -> SELECT id, groupname, attribute, Value, op
FROM radgroupcheck WHERE groupname = 'static' ORDER BY
id
[sql] User found in group static
[sql] expand: SELECT id, groupname, attribute, value, op
FROM radgroupreply WHERE groupname = '%{Sql-Group}'
ORDER BY id -> SELECT id, groupname, attribute, value, op
FROM radgroupreply WHERE groupname = 'static' ORDER BY
id
rlm_sql (sql): Released sql socket id: 1
++[sql] returns ok
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns updated
Found Auth-Type = PAP
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group PAP {...}
[pap] login attempt with password "þqL?%"
[pap] Using clear text password "12345"
[pap] Passwords don't match
++[pap] returns reject
Failed to authenticate the user.
WARNING: Unprintable characters in the password. Double-check the
shared secret on the server and the NAS!
Using Post-Auth-Type Reject
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group REJECT {...}
[attr_filter.access_reject] expand: %{User-Name} -> 081609000
attr_filter: Matched entry DEFAULT at line 11
--
View this message in context: http://freeradius.1045715.n5.nabble.com/Help-authentication-problems-tp3293661p3293661.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
More information about the Freeradius-Users
mailing list