freeradius Failed to authenticate (mysql)

Fri Dec 11 01:57:32 CET 2015

hi everyone ,

 i config freeradius 3.0,when i execute radtest ,reponse error , "ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject" , i try my best to find answer , but i can't resolve this problem ,please , i would be appreciated ,thanks!

Received Access-Request Id 135 from 127.0.0.1:45824 to 127.0.0.1:1812 length 74
        User-Name = 'test'
        User-Password = 'test'
        NAS-IP-Address = 10.117.14.105
        NAS-Port = 1812
        Message-Authenticator = 0x6795d9c62f8c6b82dd3e6e6a0ad0c275
(0) Received Access-Request packet from host 127.0.0.1 port 45824, id=135, length=74
(0)     User-Name = 'test'
(0)     User-Password = 'test'
(0)     NAS-IP-Address = 10.117.14.105
(0)     NAS-Port = 1812
(0)     Message-Authenticator = 0x6795d9c62f8c6b82dd3e6e6a0ad0c275
(0) # Executing section authorize from file /etc/raddb/sites-enabled/default
(0)   authorize {
(0)   filter_username filter_username {
(0)     if (!&User-Name)
(0)     if (!&User-Name)  -> FALSE
(0)     if (&User-Name =~ / /)
(0)     if (&User-Name =~ / /)  -> FALSE
(0)     if (&User-Name =~ /@.*@/ )
(0)     if (&User-Name =~ /@.*@/ )  -> FALSE
(0)     if (&User-Name =~ /\\.\\./ )
(0)     if (&User-Name =~ /\\.\\./ )  -> FALSE
(0)     if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\\.(.+)$/))
(0)     if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\\.(.+)$/))   -> FALSE
(0)     if (&User-Name =~ /\\.$/)
(0)     if (&User-Name =~ /\\.$/)   -> FALSE
(0)     if (&User-Name =~ /@\\./)
(0)     if (&User-Name =~ /@\\./)   -> FALSE
(0)   } # filter_username filter_username = notfound
(0)   [preprocess] = ok
(0)   [chap] = noop
(0)   [mschap] = noop
(0)   [digest] = noop
(0)  suffix : Checking for suffix after "@"
(0)  suffix : No '@' in User-Name = "test", looking up realm NULL
(0)  suffix : No such realm "NULL"
(0)   [suffix] = noop
(0)  eap : No EAP-Message, not doing EAP
(0)   [eap] = noop
(0)  sql : EXPAND %{User-Name}
(0)  sql :    --> test
(0)  sql : SQL-User-Name set to 'test'
rlm_sql (sql): Reserved connection (4)
(0)  sql : EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id
(0)  sql :    --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'test' ORDER BY id
rlm_sql (sql): Executing query: 'SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'test' ORDER BY id'
(0)  sql : User found in radcheck table
Found User-Password == "..."
Are you sure you don't mean Cleartext-Password?
See "man rlm_pap" for more information
(0)  sql : Check items matched
(0)  sql : EXPAND SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id
(0)  sql :    --> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'test' ORDER BY id
rlm_sql (sql): Executing query: 'SELECT id, username, attribute, value, op FROM radreply WHERE username = 'test' ORDER BY id'
(0)  sql : EXPAND SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority
(0)  sql :    --> SELECT groupname FROM radusergroup WHERE username = 'test' ORDER BY priority
rlm_sql (sql): Executing query: 'SELECT groupname FROM radusergroup WHERE username = 'test' ORDER BY priority'
(0)  sql : User found in the group table
(0)  sql : EXPAND SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id
(0)  sql :    --> SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = 'user' ORDER BY id
rlm_sql (sql): Executing query: 'SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = 'user' ORDER BY id'
(0)  sql : Group "user" check items matched
(0)  sql : EXPAND SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '%{Sql-Group}' ORDER BY id
(0)  sql :    --> SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = 'user' ORDER BY id
rlm_sql (sql): Executing query: 'SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = 'user' ORDER BY id'
(0)  sql : Group "user" reply items processed
rlm_sql (sql): Released connection (4)
(0)   [sql] = ok
(0)   [expiration] = noop
(0)   [logintime] = noop
(0)  WARNING: pap : No "known good" password found for the user.  Not setting Auth-Type
(0)  WARNING: pap : Authentication will fail unless a "known good" password is available
(0)   [pap] = noop
(0)  } #  authorize = ok
(0) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject
(0) Failed to authenticate the user
(0) Using Post-Auth-Type Reject
(0) # Executing group from file /etc/raddb/sites-enabled/default
(0)  Post-Auth-Type REJECT {
(0)  sql : EXPAND .query
(0)  sql :    --> .query
(0)  sql : Using query template 'query'
rlm_sql (sql): Reserved connection (4)
(0)  sql : EXPAND %{User-Name}
(0)  sql :    --> test
(0)  sql : SQL-User-Name set to 'test'
(0)  sql : EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '                          %S')
(0)  sql :    --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'test', 'test', 'Access-Reject', '2015-12-09 23:33:01')
rlm_sql (sql): Executing query: 'INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'test', 'test', 'Access-Reject', '2015-12-09 23:33:01')'
rlm_sql (sql): Released connection (4)
(0)   [sql] = ok
(0)  attr_filter.access_reject : EXPAND %{User-Name}
(0)  attr_filter.access_reject :    --> test
(0)  attr_filter.access_reject : Matched entry DEFAULT at line 11
(0)   [attr_filter.access_reject] = updated
(0)  } # Post-Auth-Type REJECT = updated
(0) Delaying response for 1 seconds
Waking up in 0.3 seconds.
Waking up in 0.6 seconds.
(0) Sending delayed response
(0) Sending Access-Reject packet to host 127.0.0.1 port 45824, id=135, length=0
Sending Access-Reject Id 135 from 127.0.0.1:1812 to 127.0.0.1:45824
Waking up in 3.9 seconds.
(0) Cleaning up request packet ID 135 with timestamp +6
Ready to process requests