right tutorial
Javier.Escalante at bwireless.eu
Javier.Escalante at bwireless.eu
Sun Jun 24 18:49:55 CEST 2018
Hello,
The way you described is the way I did, exactly like the wiki. And I
know what is the problem, what I cannot find is the way to solve it.
BR
Sent from my Huawei Mobile
-------- Original Message --------
Subject: Re: right tutorial
From: Uchenna Nebedum
To: FreeRadius users mailing list
CC:
Hi Javier, I'm a new user but from your debug output i think this is
the
problem
: WARNING: No "known good" password found for the user. Not setting
Auth
-Type
(0) pap: WARNING: Authentication will fail unless a "known good"
password
is ava
ilable
How did you insert the user into radcheck.
To insert password the sql statement is
Insert into radcheck (username, attribute, value, op) values('test',
'Cleartext-Password', 'test', ':=');
something of the sort. hope it helps.
On Sun, Jun 24, 2018, 14:57 Javier Escalante
wrote:
> Hello,
>
> Sorry guys, based on the answers of Alan, I might be stupid...I'll
explain
> another time and I hope this time I get some help:
>
> 1. I installed a fresh server (I have my all server already
configured and
> working since 4 years)
> 2. I installed freeradius 3.0.16 and mysql. No errors during
installation
> 3. I tested with user and password in file, and it worked
perfectly
> 4. I tested by putting the user test with password test in
radcheck and
> the authentication failed as it is shown further down.
> 5. I have searched in all kind of forums and obviously also in
> www.freeradius.org. No solution yet.
> 6. The sql seems to be working despite the include line is not
uncommented
> in radiusd.conf. Can somebody confirm?
>
> Can anybody give me a clue of how to solve this problem?
>
> Request:
>
> radtest test test localhost 10 1107
>
> Freeradius debug output:
>
> Ready to process requests
> (0) Received Access-Request Id 195 from 127.0.0.1:37474 to
127.0.0.1:1812
> length
> 74
> (0) User-Name = "test"
> (0) User-Password = "test"
> (0) NAS-IP-Address = 5.135.246.127
> (0) NAS-Port = 10
> (0) Message-Authenticator = 0x05270c450007175556849d0b38cc7a27
> (0) # Executing section authorize from file
> /etc/freeradius/3.0/sites-enabled/de
> fault
> (0) authorize {
> (0) [preprocess] = ok
> (0) [chap] = noop
> (0) [mschap] = noop
> (0) [digest] = noop
> (0) suffix: Checking for suffix after "@"
> (0) suffix: No '@' in User-Name = "test", looking up realm NULL
> (0) suffix: No such realm "NULL"
> (0) [suffix] = noop
> (0) eap: No EAP-Message, not doing EAP
> (0) [eap] = noop
> (0) [files] = noop
> (0) sql: EXPAND %{User-Name}
> (0) sql: --> test
> (0) sql: SQL-User-Name set to 'test'
> rlm_sql (sql): Reserved connection (0)
> (0) sql: EXPAND SELECT id, username, attribute, value, op FROM
radcheck
> WHERE us
> ername = '%{SQL-User-Name}' ORDER BY id
> (0) sql: --> SELECT id, username, attribute, value, op FROM
radcheck
> WHERE us
> ername = 'test' ORDER BY id
> (0) sql: Executing select query: SELECT id, username, attribute,
value, op
> FROM
> radcheck WHERE username = 'test' ORDER BY id
> (0) sql: EXPAND SELECT groupname FROM radusergroup WHERE username
=
> '%{SQL-User-
> Name}' ORDER BY priority
> (0) sql: --> SELECT groupname FROM radusergroup WHERE username =
'test'
> ORDER
> BY priority
> (0) sql: Executing select query: SELECT groupname FROM
radusergroup WHERE
> userna
> me = 'test' ORDER BY priority
> (0) sql: User not found in any groups
> rlm_sql (sql): Released connection (0)
> Need 5 more connections to reach 10 spares
> rlm_sql (sql): Opening additional connection (5), 1 of 27 pending
slots
> used
> (0) [sql] = notfound
> (0) [expiration] = noop
> (0) [logintime] = noop
> (0) pap: WARNING: No "known good" password found for the user. Not
> setting Auth
> -Type
> (0) pap: WARNING: Authentication will fail unless a "known good"
password
> is ava
> ilable
> (0) [pap] = noop
> (0) } # authorize = ok
> (0) ERROR: No Auth-Type found: rejecting the user via
Post-Auth-Type =
> Reject
> (0) Failed to authenticate the user
> (0) Using Post-Auth-Type Reject
> (0) # Executing group from file
/etc/freeradius/3.0/sites-enabled/default
> (0) Post-Auth-Type REJECT {
> (0) sql: EXPAND .query
> (0) sql: --> .query
> (0) sql: Using query template 'query'
> rlm_sql (sql): Reserved connection (1)
> (0) sql: EXPAND %{User-Name}
> (0) sql: --> test
> (0) sql: SQL-User-Name set to 'test'
> (0) sql: EXPAND INSERT INTO radpostauth (username, pass, reply,
authdate)
> VALUES
> ( '%{SQL-User-Name}',
> '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-
>
> Type}', '%S')
> (0) sql: --> INSERT INTO radpostauth (username, pass, reply,
authdate)
> VALUES
> ( 'test', 'test', 'Access-Reject', '2018-06-24 13:55:21')
> (0) sql: Executing query: INSERT INTO radpostauth (username, pass,
reply,
> authda
> te) VALUES ( 'test', 'test', 'Access-Reject', '2018-06-24
> 13:55:21')
> (0) sql: SQL query returned: success
> (0) sql: 1 record(s) updated
> rlm_sql (sql): Released connection (1)
> (0) [sql] = ok
> (0) attr_filter.access_reject: EXPAND %{User-Name}
> (0) attr_filter.access_reject: --> test
> (0) attr_filter.access_reject: Matched entry DEFAULT at line 11
> (0) [attr_filter.access_reject] = updated
> (0) [eap] = noop
> (0) policy remove_reply_message_if_eap {
> (0) if (&reply:EAP-Message && &reply:Reply-Message) {
> (0) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE
> (0) else {
> (0) [noop] = noop
> (0) } # else = noop
> (0) } # policy remove_reply_message_if_eap = noop
> (0) } # Post-Auth-Type REJECT = updated
> (0) Delaying response for 1.000000 seconds
> Waking up in 0.3 seconds.
> Waking up in 0.6 seconds.
> (0) Sending delayed response
> (0) Sent Access-Reject Id 195 from 127.0.0.1:1812 to
127.0.0.1:37474
> length 20
> Waking up in 3.9 seconds.
> (0) Cleaning up request packet ID 195 with timestamp +2
> Ready to process requests
>
> Thanks in advance
>
>
> BR
>
>
>
>
> Javier Escalante
> Business Development Manager
> Javier.escalante at bwireless.eu
> 00 34 626 785 675
> 00 34 93 141 56 36
> 00 41 78 689 85 69
> Skype: fruiz002
> Do you know our IoT solutions? Have a look here: www.bsmart.global
> http://www.bwireless.eu
> Le informamos que, de conformidad con la Ley Orgánica 15/1999, de
13 de
> diciembre, de Protección de Datos de Carácter Personal, se informa
que
> todos los datos personales que nos ha facilitado serán
incorporados y
> tratados en los ficheros de B’W & TAKACS TELECOM, S.L. para las
finalidades
> de su e-mail.
> Puede ejercer sus derechos de acceso, rectificación, cancelación y
> oposición mediante una comunicación a B’W & TAKACS TELECOM, S.L.
con
> domicilio en Camil Oliveras, 26, 08032 Barcelona (España), o bien
mediante
> una comunicación a la dirección de correo electrónico
info at bwireless.eu.
> En ambos casos, deberá acompañar una copia de su documento
nacional de
> identidad o documento válido que lo identifique.
>
>
> -----Original Message-----
> From: Freeradius-Users
[mailto:freeradius-users-bounces+javier.escalante=
> bwireless.eu at lists.freeradius.org] On Behalf Of Alan Buxey
> Sent: viernes, 22 de junio de 2018 20:06
> To: FreeRadius users mailing list
> Subject: Re: right tutorial
>
> hi,
>
> Could somebody tell us which tutorial /wiki can we follow in order
to
> > properly configure freeradius 3.0.16?
> >
>
> properly configure? you need to define what it is you are trying
to do.
> based on other replies there is history here that I havent seen
(or
> deleted amongst deluge of other posts) one persons
requirement/use-case
> rarely matches with another.
>
> take FreeRADIUS 3.0.16 - either built form source or via package.
then
> follow the guides (or read the docs in the config files
themselves) as
> required.
>
> DONT hack a load of the config around , start with basics (as per
docs)
>
>
> alan
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list