<table cellspacing="0" cellpadding="0" border="0" ><tr><td valign="top" style="font: inherit;">thanks for the reply:<br><br>well, i had tried other configuration for "users":<br><br>bob Cleartext-Password = "bob"<br> Juniper-Local-User-Name = "labrat"<br><br>labrat is local login user id so that all of radius users will be mapped to that user. unfortunately, it is also failed though with no warning messages:<br><br>rad_recv: Access-Request packet from host 192.168.255.138 port 55206, id=152, length=57<br> User-Name = "bob"<br> User-Password = "bob"<br> NAS-Identifier = "lab-r8"<br> NAS-IP-Address = 150.150.0.1<br>+- entering group authorize {...}<br>++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap]
returns noop<br>[suffix] No '@' in User-Name = "bob", looking up realm NULL<br>[suffix] No such realm "NULL"<br>++[suffix] returns noop<br>[eap] No EAP-Message, not doing EAP<br>++[eap] returns noop<br>++[unix] returns notfound<br>++[files] returns noop<br>++[expiration] returns noop<br>++[logintime] returns noop<br>[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.<br>++[pap] returns noop<br>No authenticate method (Auth-Type) configuration found for the request: Rejecting the user<br>Failed to authenticate the user.<br>Using Post-Auth-Type Reject<br>+- entering group REJECT {...}<br>[attr_filter.access_reject] expand: %{User-Name} -> bob<br> attr_filter: Matched entry DEFAULT at line 11<br>++[attr_filter.access_reject] returns updated<br>Delaying reject of request 0 for 1 seconds<br>Going to the next request<br>Waking up in 0.9 seconds.<br>Sending delayed reject for
request 0<br>Sending Access-Reject of id 152 to 192.168.255.138 port 55206<br>Waking up in 4.9 seconds.<br>rad_recv: Access-Request packet from host 192.168.255.138 port 55206, id=152, length=57<br>Sending duplicate reply to client r8 port 55206 - ID: 152<br>Sending Access-Reject of id 152 to 192.168.255.138 port 55206<br>Waking up in 2.9 seconds.<br>Cleaning up request 0 ID 152 with timestamp +9<br>Ready to process requests.<br>rad_recv: Access-Request packet from host 192.168.255.138 port 55206, id=152, length=57<br> User-Name = "bob"<br> User-Password = "bob"<br> NAS-Identifier = "lab-r8"<br> NAS-IP-Address = 150.150.0.1<br>+- entering group authorize {...}<br>++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap] returns noop<br>[suffix] No '@' in User-Name = "bob", looking
up realm NULL<br>[suffix] No such realm "NULL"<br>++[suffix] returns noop<br>[eap] No EAP-Message, not doing EAP<br>++[eap] returns noop<br>++[unix] returns notfound<br>++[files] returns noop<br>++[expiration] returns noop<br>++[logintime] returns noop<br>[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.<br>++[pap] returns noop<br>No authenticate method (Auth-Type) configuration found for the request: Rejecting the user<br>Failed to authenticate the user.<br>Using Post-Auth-Type Reject<br>+- entering group REJECT {...}<br>[attr_filter.access_reject] expand: %{User-Name} -> bob<br> attr_filter: Matched entry DEFAULT at line 11<br>++[attr_filter.access_reject] returns updated<br>Delaying reject of request 1 for 1 seconds<br>Going to the next request<br>Waking up in 0.9 seconds.<br>Sending delayed reject for request 1<br>Sending Access-Reject of id 152 to
192.168.255.138 port 55206<br>Waking up in 4.9 seconds.<br>Cleaning up request 1 ID 152 with timestamp +15<br>Ready to process requests.<br><br><br><br><br>--- On <b>Sun, 9/19/10, Daniel Woodruffe <i><danny.woodruffe@yahoo.co.uk></i></b> wrote:<br><blockquote style="border-left: 2px solid rgb(16, 16, 255); margin-left: 5px; padding-left: 5px;"><br>From: Daniel Woodruffe <danny.woodruffe@yahoo.co.uk><br>Subject: Re: still not working (newbie for radius)<br>To: "FreeRadius users mailing list" <freeradius-users@lists.freeradius.org><br>Date: Sunday, September 19, 2010, 3:57 PM<br><br><div id="yiv831027620"><table border="0" cellpadding="0" cellspacing="0"><tbody><tr><td style="font: inherit;" valign="top"><br>I think it tells you in your debug what the problem is Gahn:<br><br>Found Auth-Type = Local<br>WARNING: Please update your configuration, and remove 'Auth-Type = Local'<br><br><br><br>--- On <b>Sun, 19/9/10, gahn
<i><ipfreak@yahoo.com></i></b> wrote:<br><blockquote style="border-left: 2px solid rgb(16, 16, 255); margin-left: 5px; padding-left: 5px;"><br>From: gahn <ipfreak@yahoo.com><br>Subject: still not working (newbie for radius)<br>To: freeradius-users@lists.freeradius.org<br>Date: Sunday, 19 September, 2010, 22:35<br><br><div class="yiv831027620plainMail">Hi all:<br><br>I apologize for the emails for such simple issue...:)<br><br>it is still not working. I have done all of your guys advised and tried to read through the documents, but...:(<br><br>here is my "client.conf" file:<br><br>client 192.168.255.138 {<br>
secret = testing123<br> nastype = juniper<br>}<br><br>for my "users" file:<br><br>bob Auth-Type := Local<br> User-Password = "bob",<br> Juniper-Local-User-Name = "labrat"<br><br>I started radius with "radiusd -X" and also started tcpdump process.<br><br>here is what i got from freerediaus debugging:<br><br>rad_recv: Access-Request packet from host 192.168.255.138 port 54462, id=202, length=57<br> User-Name = "bob"<br> User-Password = "bob"<br> NAS-Identifier = "lab-r8"<br> NAS-IP-Address = 150.150.0.1<br>+- entering group authorize {...}<br>++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap] returns noop<br>[suffix] No '@' in User-Name = "bob", looking up realm
NULL<br>[suffix] No such realm "NULL"<br>++[suffix] returns noop<br>[eap] No EAP-Message, not doing EAP<br>++[eap] returns noop<br>++[unix] returns notfound<br>[files] users: Matched entry bob at line 1<br>++[files] returns ok<br>++[expiration] returns noop<br>++[logintime] returns noop<br>[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.<br>++[pap] returns noop<br>Found Auth-Type = Local<br>WARNING: Please update your configuration, and remove 'Auth-Type = Local'<br>WARNING: Use the PAP or CHAP modules instead.<br>No "known good" password was configured for the user.<br>As a result, we cannot authenticate the user.<br>Failed to authenticate the user.<br>Using Post-Auth-Type Reject<br>+- entering group REJECT {...}<br>[attr_filter.access_reject] expand: %{User-Name} -> bob<br> attr_filter: Matched entry DEFAULT at line 11<br>++[attr_filter.access_reject] returns
updated<br>Delaying reject of request 0 for 1 seconds<br>Going to the next request<br>Waking up in 0.9 seconds.<br>Sending delayed reject for request 0<br>Sending Access-Reject of id 202 to 192.168.255.138 port 54462<br>Waking up in 4.9 seconds.<br>rad_recv: Access-Request packet from host 192.168.255.138 port 54462, id=202, length=57<br>Sending duplicate reply to client r8 port 54462 - ID: 202<br>Sending Access-Reject of id 202 to 192.168.255.138 port 54462<br>Waking up in 2.9 seconds.<br>Cleaning up request 0 ID 202 with timestamp +11<br>rad_recv: Access-Request packet from host 192.168.255.138 port 54462, id=202, length=57<br> User-Name = "bob"<br> User-Password = "bob"<br> NAS-Identifier = "lab-r8"<br> NAS-IP-Address = 150.150.0.1<br>+- entering group authorize {...}<br>++[preprocess] returns ok<br>++[chap] returns noop<br>++[mschap] returns
noop<br>[suffix] No '@' in User-Name = "bob", looking up realm NULL<br>[suffix] No such realm "NULL"<br>++[suffix] returns noop<br>[eap] No EAP-Message, not doing EAP<br>++[eap] returns noop<br>++[unix] returns notfound<br>[files] users: Matched entry bob at line 1<br>++[files] returns ok<br>++[expiration] returns noop<br>++[logintime] returns noop<br>[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.<br>++[pap] returns noop<br>Found Auth-Type = Local<br>WARNING: Please update your configuration, and remove 'Auth-Type = Local'<br>WARNING: Use the PAP or CHAP modules instead.<br>No "known good" password was configured for the user.<br>As a result, we cannot authenticate the user.<br>Failed to authenticate the user.<br>Using Post-Auth-Type Reject<br>+- entering group REJECT {...}<br>[attr_filter.access_reject] expand: %{User-Name} -> bob<br> attr_filter: Matched entry
DEFAULT at line 11<br>++[attr_filter.access_reject] returns updated<br>Delaying reject of request 1 for 1 seconds<br>Going to the next request<br>Waking up in 0.9 seconds.<br>Sending delayed reject for request 1<br>Sending Access-Reject of id 202 to 192.168.255.138 port 54462<br>Waking up in 4.9 seconds.<br>Cleaning up request 1 ID 202 with timestamp +18<br>Ready to process requests.<br><br>for tcpdump:<br><br>17:07:11.998936 IP 192.168.255.138.54462 > 192.168.255.128.radius: RADIUS, Access Request (1), id: 0xca length: 57<br>17:07:14.999487 IP 192.168.255.138.54462 > 192.168.255.128.radius: RADIUS, Access Request (1), id: 0xca length: 57<br><br><br>Interestingly, I only saw 'Access Request" came in, but I didn't see Access Reject messages.<br><br>any help would be greatly appreciated.<br><br>gahn<br><br><br> <br>-<br>List info/subscribe/unsubscribe? See <a rel="nofollow" target="_blank"
href="http://www.freeradius.org/list/users.html">http://www.freeradius.org/list/users.html</a><br></div></blockquote></td></tr></tbody></table><br>
</div><br>-----Inline Attachment Follows-----<br><br><div class="plainMail">-<br>List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a></div></blockquote></td></tr></table><br>