right tutorial

Javier Escalante Javier.Escalante at bwireless.eu
Sun Jun 24 15:57:17 CEST 2018


Sorry guys, based on the answers of Alan, I might be stupid...I'll explain another time and I hope this time I get some help:

1. I installed a fresh server (I have my all server already configured and working since 4 years)
2. I installed freeradius 3.0.16 and mysql. No errors during installation
3. I tested with user and password in file, and it worked perfectly
4. I tested by putting the user test with password test in radcheck and the authentication failed as it is shown further down.
5. I have searched in all kind of forums and obviously also in www.freeradius.org. No solution yet.
6. The sql seems to be working despite the include line is not uncommented in radiusd.conf. Can somebody confirm?

Can anybody give me a clue of how to solve this problem?


radtest test test localhost 10 1107

Freeradius debug output:

Ready to process requests
(0) Received Access-Request Id 195 from to length                                                                                         74
(0)   User-Name = "test"
(0)   User-Password = "test"
(0)   NAS-IP-Address =
(0)   NAS-Port = 10
(0)   Message-Authenticator = 0x05270c450007175556849d0b38cc7a27
(0) # Executing section authorize from file /etc/freeradius/3.0/sites-enabled/de                                                                                        fault
(0)   authorize {
(0)     [preprocess] = ok
(0)     [chap] = noop
(0)     [mschap] = noop
(0)     [digest] = noop
(0) suffix: Checking for suffix after "@"
(0) suffix: No '@' in User-Name = "test", looking up realm NULL
(0) suffix: No such realm "NULL"
(0)     [suffix] = noop
(0) eap: No EAP-Message, not doing EAP
(0)     [eap] = noop
(0)     [files] = noop
(0) sql: EXPAND %{User-Name}
(0) sql:    --> test
(0) sql: SQL-User-Name set to 'test'
rlm_sql (sql): Reserved connection (0)
(0) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE us                                                                                        ername = '%{SQL-User-Name}' ORDER BY id
(0) sql:    --> SELECT id, username, attribute, value, op FROM radcheck WHERE us                                                                                        ername = 'test' ORDER BY id
(0) sql: Executing select query: SELECT id, username, attribute, value, op FROM                                                                                         radcheck WHERE username = 'test' ORDER BY id
(0) sql: EXPAND SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-                                                                                        Name}' ORDER BY priority
(0) sql:    --> SELECT groupname FROM radusergroup WHERE username = 'test' ORDER                                                                                         BY priority
(0) sql: Executing select query: SELECT groupname FROM radusergroup WHERE userna                                                                                        me = 'test' ORDER BY priority
(0) sql: User not found in any groups
rlm_sql (sql): Released connection (0)
Need 5 more connections to reach 10 spares
rlm_sql (sql): Opening additional connection (5), 1 of 27 pending slots used
(0)     [sql] = notfound
(0)     [expiration] = noop
(0)     [logintime] = noop
(0) pap: WARNING: No "known good" password found for the user.  Not setting Auth                                                                                        -Type
(0) pap: WARNING: Authentication will fail unless a "known good" password is ava                                                                                        ilable
(0)     [pap] = noop
(0)   } # authorize = ok
(0) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = Reject
(0) Failed to authenticate the user
(0) Using Post-Auth-Type Reject
(0) # Executing group from file /etc/freeradius/3.0/sites-enabled/default
(0)   Post-Auth-Type REJECT {
(0) sql: EXPAND .query
(0) sql:    --> .query
(0) sql: Using query template 'query'
rlm_sql (sql): Reserved connection (1)
(0) sql: EXPAND %{User-Name}
(0) sql:    --> test
(0) sql: SQL-User-Name set to 'test'
(0) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) VALUES                                                                                         ( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-                                                                                        Type}', '%S')
(0) sql:    --> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES                                                                                         ( 'test', 'test', 'Access-Reject', '2018-06-24 13:55:21')
(0) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authda                                                                                        te) VALUES ( 'test', 'test', 'Access-Reject', '2018-06-24 13:55:21')
(0) sql: SQL query returned: success
(0) sql: 1 record(s) updated
rlm_sql (sql): Released connection (1)
(0)     [sql] = ok
(0) attr_filter.access_reject: EXPAND %{User-Name}
(0) attr_filter.access_reject:    --> test
(0) attr_filter.access_reject: Matched entry DEFAULT at line 11
(0)     [attr_filter.access_reject] = updated
(0)     [eap] = noop
(0)     policy remove_reply_message_if_eap {
(0)       if (&reply:EAP-Message && &reply:Reply-Message) {
(0)       if (&reply:EAP-Message && &reply:Reply-Message)  -> FALSE
(0)       else {
(0)         [noop] = noop
(0)       } # else = noop
(0)     } # policy remove_reply_message_if_eap = noop
(0)   } # Post-Auth-Type REJECT = updated
(0) Delaying response for 1.000000 seconds
Waking up in 0.3 seconds.
Waking up in 0.6 seconds.
(0) Sending delayed response
(0) Sent Access-Reject Id 195 from to length 20
Waking up in 3.9 seconds.
(0) Cleaning up request packet ID 195 with timestamp +2
Ready to process requests

Thanks in advance


Javier Escalante
Business Development Manager
Javier.escalante at bwireless.eu 
00 34 626 785 675
00 34 93 141 56 36
00 41 78 689 85 69
Skype: fruiz002
Do you know our IoT solutions? Have a look here: www.bsmart.global
Le informamos que, de conformidad con la Ley Orgánica 15/1999, de 13 de diciembre, de Protección de Datos de Carácter  Personal, se informa que todos los datos personales que nos ha facilitado serán incorporados y tratados en los ficheros de B’W & TAKACS TELECOM, S.L. para las finalidades de su e-mail. 
Puede ejercer sus derechos de acceso, rectificación, cancelación y oposición mediante una comunicación a B’W & TAKACS TELECOM, S.L. con domicilio en Camil Oliveras, 26, 08032 Barcelona (España), o bien mediante una comunicación a la dirección de correo electrónico info at bwireless.eu. En ambos casos, deberá  acompañar una copia de su documento nacional de identidad o documento válido que lo identifique. 

-----Original Message-----
From: Freeradius-Users [mailto:freeradius-users-bounces+javier.escalante=bwireless.eu at lists.freeradius.org] On Behalf Of Alan Buxey
Sent: viernes, 22 de junio de 2018 20:06
To: FreeRadius users mailing list
Subject: Re: right tutorial


Could somebody tell us which tutorial /wiki can we follow in order to
> properly configure freeradius 3.0.16?

properly configure?  you need to define what it is you are trying to do.
based on other replies there is history here that I havent seen (or deleted amongst deluge of other posts) one persons requirement/use-case rarely matches with another.

take FreeRADIUS 3.0.16 - either built form source or via package.   then
follow the guides (or read the docs in the config files themselves) as required.

DONT hack a load of the config around , start with basics (as per docs)

List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list