Hi, i want to accept all request coming from a specific nas-ip-assdress , i used to configure like this (in users file):<br><br>DEFAULT NAS-IP-Address == "192.168.150.25", Auth-Type := Accept<br> Fall-Through = Yes<br>
The above settings are not working now, this is the debug of a transaction:<br><br>rad_recv: Access-Request packet from host 192.168.150.25 port 1645, id=52, length=94<br> NAS-IP-Address = 192.168.150.25<br> NAS-Port = 108<br>
NAS-Port-Type = Async<br> User-Name = "<a href="http://123.com.sv">123.com.sv</a>"<br> Called-Station-Id = "22660321"<br> Calling-Station-Id = "22264218"<br> User-Password = "cisco"<br>
Service-Type = Dialout-Framed-User<br>+- entering group authorize {...}<br>++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap] returns noop<br>[suffix] No '@' in User-Name = "<a href="http://123.com.sv">123.com.sv</a>", looking up realm NULL<br>
[suffix] No such realm "NULL"<br>++[suffix] returns noop<br>[eap] No EAP-Message, not doing EAP<br>++[eap] returns noop<br>++[files] returns noop<br> expand: %{User-Name} -> <a href="http://123.com.sv">123.com.sv</a><br>
[sql] sql_set_user escaped user --> '<a href="http://123.com.sv">123.com.sv</a>'<br>rlm_sql (sql): Reserving sql socket id: 22<br> expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = '<a href="http://123.com.sv">123.com.sv</a>' ORDER BY id<br>
expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = '<a href="http://123.com.sv">123.com.sv</a>' ORDER BY priority<br>
rlm_sql (sql): Released sql socket id: 22<br>[sql] User <a href="http://123.com.sv">123.com.sv</a> not found<br>++[sql] returns notfound<br>++[expiration] returns noop<br>++[logintime] returns noop<br>[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.<br>
++[pap] returns noop<br>No authenticate method (Auth-Type) configuration found for the request: Rejecting the user<br>Failed to authenticate the user.<br>Login incorrect: [<a href="http://123.com.sv/cisco">123.com.sv/cisco</a>] (from client tigo port 108 cli 22264218)<br>
Using Post-Auth-Type Reject<br>+- entering group REJECT {...}<br> expand: %{User-Name} -> <a href="http://123.com.sv">123.com.sv</a><br> attr_filter: Matched entry DEFAULT at line 11<br>++[attr_filter.access_reject] returns updated<br>
Delaying reject of request 1 for 1 seconds<br>Going to the next request<br><br>
<br>Im using freeradius 2 and daloradius 0.9, and this a extract of relevant radius.conf settings:<br><br>authorize {<br> preprocess<br> chap<br> mschap<br> suffix<br> eap {<br> ok = return<br>
}<br><br> files<br> sql<br> expiration<br> logintime<br> pap<br>}<br><br><br><br>authenticate {<br> Auth-Type PAP {<br> pap<br> }<br><br> Auth-Type CHAP {<br>
chap<br> }<br><br> Auth-Type MS-CHAP {<br> mschap<br> }<br> eap<br>}<br><br><br>preacct {<br> preprocess<br> acct_unique<br> suffix<br> files<br>
}<br><br>accounting {<br> detail<br> sql<br> attr_filter.accounting_response<br>}<br><br><br>session {<br> radutmp<br>}<br><br><br>post-auth {<br><br><br><br><br><br> exec<br><br> Post-Auth-Type REJECT {<br>
attr_filter.access_reject<br> }<br>}<br><br>post-proxy {<br> eap<br>}<br><br><br>From the debug it appears that users file is not being processed correctly,<br>what should i check?<br>regards<br>
Miguel Miranda<br><br><br>