<span class="Apple-style-span" style="font-family: arial, sans-serif; font-size: 13px; border-collapse: collapse; ">Where did you create the user and password cisco?<div><br></div><div>A copy of your users configuration file would be great</div>
</span><br><div class="gmail_quote">On Thu, Dec 10, 2009 at 12:05 PM, g <span dir="ltr"><<a href="mailto:gerardocb@gmail.com">gerardocb@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
Where did you create the user and password cisco?<div><br></div><div>A copy of your users configuration file would be great.<div><div></div><div class="h5"><br><br><div class="gmail_quote">On Thu, Dec 10, 2009 at 11:03 AM, Alex Bahoor <span dir="ltr"><<a href="mailto:alexbahoor@sbcglobal.net" target="_blank">alexbahoor@sbcglobal.net</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div>
<p dir="LTR"><span lang="en-us"></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">Alan,</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">Radius -X is always on, and I went through the</font></span><span lang="en-us"> <font size="2" face="Courier New">clients.conf file. -X</font></span><span lang="en-us"><font size="2" face="Courier New"> gives a lot information, since you asked here is my understanding. I'm not a programmer</font></span><span lang="en-us"><font size="2" face="Courier New"> so some of them are cryptic to me. I put in comments to what I think they are, but t</font></span><span lang="en-us"><font size="2" face="Courier New">hey are only guesses. I would be very thankful if you can shed light</font></span><span lang="en-us"><font size="2" face="Courier New">s</font></span><span lang="en-us"><font size="2" face="Courier New"> on them.</font></span><span lang="en-us"><font size="2" face="Courier New"></font></span><span lang="en-us"> </span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">Also, there is</font></span><span lang="en-us"> <font size="2" face="Courier New">file experimental.conf stated in eap.conf, but did not exist. It may have some useful information.</font></span></p>
<p dir="LTR"><span lang="en-us"></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">root@Crest raddb]# radtest cisco cisco 127.0.0.1 200 testing123</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">Sending Access-Request of id 187 to 127.0.0.1 port 1812</font></span></p>
<p dir="LTR"><span lang="en-us"> <font size="2" face="Courier New">User-Name = "cisco"</font></span></p>
<p dir="LTR"><span lang="en-us"> <font size="2" face="Courier New">User-Password = "cisco"</font></span></p>
<p dir="LTR"><span lang="en-us"> <font size="2" face="Courier New">NAS-IP-Address = 127.0.0.1</font></span></p>
<p dir="LTR"><span lang="en-us"> <font size="2" face="Courier New">NAS-Port = 200</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">rad_recv: Access-Request packet from host 127.0.0.1 port 43663, id=187, length=57</font></span></p>
<p dir="LTR"><span lang="en-us"> <font size="2" face="Courier New">User-Name = "cisco"</font></span></p>
<p dir="LTR"><span lang="en-us"> <font size="2" face="Courier New">User-Password = "cisco"</font></span></p>
<p dir="LTR"><span lang="en-us"> <font size="2" face="Courier New">NAS-IP-Address = 127.0.0.1</font></span></p>
<p dir="LTR"><span lang="en-us"> <font size="2" face="Courier New">NAS-Port = 200</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">+- entering group authorize {...}</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">++[preprocess] returns ok</font></span><span lang="en-us"><font size="2" face="Courier New"> </font></span><span lang="en-us"> <font color="#FF0000" size="2" face="Courier New">;what is preprocess and what does it do?</font></span><span lang="en-us"></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">++[chap] returns noop</font></span><span lang="en-us"> <font size="2" face="Courier New">;</font></span><span lang="en-us"><font color="#FF0000" size="2" face="Courier New">I can tell that chap was not se</font></span><span lang="en-us"><font color="#FF0000" size="2" face="Courier New">lected as a</font></span><span lang="en-us"><font color="#FF0000" size="2" face="Courier New"> protocol</font></span><span lang="en-us"><font color="#FF0000" size="2" face="Courier New">, right?</font></span><span lang="en-us"></span></p>
<p dir="LTR"><span lang="en-us"></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">++[mschap] returns noop</font></span><span lang="en-us"> <font color="#FF0000" size="2" face="Courier New">;as above</font></span><span lang="en-us"></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">[suffix] No '@' in User-Name = "cisco", looking up realm NULL</font></span><span lang="en-us"><font size="2" face="Courier New"></font></span><span lang="en-us"> <font color="#FF0000" size="2" face="Courier New">;why @ is expected in a name or</font></span><span lang="en-us"> <font color="#FF0000" size="2" face="Courier New">password</font></span><span lang="en-us"><font color="#FF0000" size="2" face="Courier New">?</font></span><span lang="en-us"></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">[suffix] No such realm "NULL"</font></span><span lang="en-us"><font size="2" face="Courier New"></font></span><span lang="en-us"> <font color="#FF0000" size="2" face="Courier New">;what this mean?</font></span><span lang="en-us"></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">++[suffix] returns noop</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">[eap] No EAP-Message, not doing EAP</font></span><span lang="en-us"><font color="#FF0000" size="2" face="Courier New"> ;eap is not auth protocol.</font></span><span lang="en-us"></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">++[eap] returns noop</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">++[unix] returns notfound</font></span><span lang="en-us"> <font color="#FF0000" size="2" face="Courier New">;what is this?</font></span><span lang="en-us"></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">++[files] returns noop</font></span><span lang="en-us"> <font size="2" face="Courier New">?</font></span><span lang="en-us"></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">++[expiration] returns noop</font></span><span lang="en-us"> <font size="2" face="Courier New">?</font></span><span lang="en-us"></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">++[logintime] returns noop</font></span><span lang="en-us"> <font size="2" face="Courier New">?</font></span><span lang="en-us"></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.</font></span><span lang="en-us"> <font color="#FF0000" size="2" face="Courier New">;</font></span><span lang="en-us"><font color="#FF0000" size="2" face="Courier New">I</font></span><span lang="en-us"><font color="#FF0000" size="2" face="Courier New"> do have a password (cisco).</font></span><span lang="en-us"></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">++[pap] returns noop</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">No authenticate method (Auth-Type) configuration found for the request: Rejecting the user</font></span><span lang="en-us"> <font color="#FF0000" size="2" face="Courier New">;</font></span><span lang="en-us"><font color="#FF0000" size="2" face="Courier New">this look like authentication protocol is a must before the process can work, however,</font></span><span lang="en-us"> <font color="#FF0000" size="2" face="Courier New">eap.conf file is there and eap is uncommented out</font></span><span lang="en-us"> <font color="#FF0000" size="2" face="Courier New">with</font></span><span lang="en-us"><font color="#FF0000" size="2" face="Courier New"> it</font></span><span lang="en-us"><font color="#FF0000" size="2" face="Courier New">’</font></span><span lang="en-us"><font color="#FF0000" size="2" face="Courier New">s arguments. ?</font></span><span lang="en-us"></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">Failed to authenticate the user.</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">Using Post-Auth-Type Reject</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">+- entering group REJECT {...}</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">[attr_filter.access_reject] expand: %{User-Name} -> cisco</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New"> attr_filter: Matched entry DEFAULT at line 11</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">++[attr_filter.access_reject] returns updated</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">Delaying reject of request 5 for 1 seconds</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">Going to the next request</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">Waking up in 0.9 seconds.</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">Sending delayed reject for request 5</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">Sending Access-Reject of id 187 to 127.0.0.1 port 43663</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">Waking up in 4.9 seconds.</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=187, length=20</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">[root@Crest raddb]# Cleaning up request 5 ID 187 with timestamp +411</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">Ready to process requests.</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">Rgrds,</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">Alex</font></span><span lang="en-us"></span></p><div>
<p dir="LTR"><span lang="en-us"></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">-----Original Message-----<br>
From: freeradius-users-bounces+alexbahoor=<a href="http://sbcglobal.net" target="_blank">sbcglobal.net</a>@<a href="http://lists.freeradius.org" target="_blank">lists.freeradius.org</a> [<a href="mailto:freeradius-users-bounces+alexbahoor=sbcglobal.net@lists.freeradius.org" target="_blank">mailto:freeradius-users-bounces+alexbahoor=sbcglobal.net@lists.freeradius.org</a>] On Behalf Of Alan Buxey<br>
Sent: Thursday, December 10, 2009 2:07 AM<br>
To: FreeRadius users mailing list<br>
Subject: Re: Testing radius server</font></span><span lang="en-us"></span></p>
</div><div><div></div><div><p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">Hi,</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">> Now I know it's a config issue in the clients.conf, as radtest is failing. I</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">> set user name and password, but radius is sending a reject. This is the</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">> first time I'm using radius. So please bear with me. Can some one mail me</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">> example of the minimum required configuration that needed for the radius to</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">> work, no EAP or MSCAP ..etc. </font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">hey, guess what - 'radiusd -X' this will be far more useful than</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">throwing random recommendations to you.</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">have you followed basic guidance regarding hwo to use clients.conf</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">eg</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">testuser Cleartext-Password := "testpassword"</font></span></p>
<br>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">alan</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">-</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a></font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New"> </font></span></p>
</div></div><p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">__________ Information from ESET NOD32 Antivirus, version of virus signature database 4674 (20091209) __________</font></span></p><div>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">The message was checked by ESET NOD32 Antivirus.</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New"><a href="http://www.eset.com" target="_blank">http://www.eset.com</a></font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New"> </font></span></p>
</div><p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">__________ Information from ESET NOD32 Antivirus, version of virus signature database 4676 (20091210) __________</font></span></p><div>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">The message was checked by ESET NOD32 Antivirus.</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New"><a href="http://www.eset.com" target="_blank">http://www.eset.com</a></font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New"> </font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New"> </font></span></p>
</div><p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">__________ Information from ESET NOD32 Antivirus, version of virus signature database 4676 (20091210) __________</font></span></p><div>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New">The message was checked by ESET NOD32 Antivirus.</font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New"><a href="http://www.eset.com" target="_blank">http://www.eset.com</a></font></span></p>
<p dir="LTR"><span lang="en-us"><font size="2" face="Courier New"></font></span> </p>
</div></div>
<br>-<br>
List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br></blockquote></div><br></div></div></div>
</blockquote></div><br>