Dynamic-Clients

[Alan Buxey]

Hi,

> now i changed Dynamic-Clients file as follows
> 
> if ( "%{sql: SELECT nasname FROM nas WHERE nasname = '10.10.10.161'}") {
>          update control {
>                 freeradius-Client-IP-Address = "10.10.10.161"
>                 freeradius-Client-Secret = "testing123"
>                 freeradius-Client-Shortname = ""
>                 freeradius-Client-NAS-Type = "other"


<snip>

thats wrong..and wont work for obvious reasons. just use the file that comes with
the server and modify it as you need.

> # if ( "%{sql: SELECT nasname FROM nas WHERE nasname = '10.10.10.161'}") {
> update control {
>                 freeradius-Client-IP-Address = "%{Packet-Src-IP-Address}"
>                 freeradius-Client-Secret = "testing123"
>                 freeradius-Client-Shortname = ""
>                 freeradius-Client-NAS-Type = "other"
>                }

okay..so you are not using SQL now at all, just hardsetting the values...which is fine
if you know what the values should be...  note. you set the shared secret for ALL unknown
clients to be 'testing123' ....

...which, as you can see from the output....is wrong

>         User-Password = "1L\351\320v\233D\n]v\021\207\272華"

corrupt values in there....and look, the server even says so:

> Failed to authenticate the user.
>   WARNING: Unprintable characters in the password.        Double-check the shared secret on the server and the NAS!


please take just SOME time to read the output of the 'radiusd -X'

set the shared secret to be correct.....then look at the provided dynamic-clients
and modify it to your requirements - do you actually HAVE the required nas table in the SQL?


also, the server told you this:

> !!! Please update your configuration so that the "known good"
> !!!
> !!! clear text password is in Cleartext-Password, and not in User-Password.


please update your SQL table checkvalue accordingly.

username Cleartext-Password := password

(I expect you have username User-Password = password)

alan