Hmmm. probably not the case, here is my 'users' file:<br><br>=================<br>root@djea-ubuntu:/usr/local/etc/raddb# <br>root@djea-ubuntu:/usr/local/etc/raddb# more users<br>#<br># Please read the documentation file ../doc/processing_users_file,<br>
# or 'man 5 users' (after installing the server) for more information.<br>#<br># This file contains authentication security and configuration<br># information for each user. Accounting requests are NOT processed<br>
# through this file. Instead, see 'acct_users', in this directory.<br>#<br># The first field is the user's name and can be up to<br># 253 characters in length. This is followed (on the same line) with<br>
# the list of authentication requirements for that user. This can<br># include password, comm server name, comm server port number, protocol<br># type (perhaps set by the "hints" file), and huntgroup name (set by<br>
# the "huntgroups" file).<br>#<br># If you are not sure why a particular reply is being sent by the<br># server, then run the server in debugging mode (radiusd -X), and<br># you will see which entries in this file are matched.<br>
#<br># When an authentication request is received from the comm server,<br># these values are tested. Only the first match is used unless the<br># "Fall-Through" variable is set to "Yes".<br>#<br>
# A special user named "DEFAULT" matches on all usernames.<br># You can have several DEFAULT entries. All entries are processed<br># in the order they appear in this file. The first entry that<br># matches the login-request will stop processing unless you use<br>
# the Fall-Through variable.<br>#<br># If you use the database support to turn this file into a .db or .dbm<br># file, the DEFAULT entries _have_ to be at the end of this file and<br># you can't have multiple entries for one username.<br>
#<br># Indented (with the tab character) lines following the first<br># line indicate the configuration values to be passed back to<br># the comm server to allow the initiation of a user session.<br># This can include things like the PPP configuration values<br>
# or the host to log the user onto.<br>#<br># You can include another `users' file with `$INCLUDE users.other'<br>#<br><br>#<br># For a list of RADIUS attributes, and links to their definitions,<br># see:<br>
#<br># <a href="http://www.freeradius.org/rfc/attributes.html">http://www.freeradius.org/rfc/attributes.html</a><br>#<br><br>#<br># Deny access for a specific user. Note that this entry MUST<br># be before any other 'Auth-Type' attribute which results in the user<br>
# being authenticated.<br>#<br># Note that there is NO 'Fall-Through' attribute, so the user will not<br># be given any additional resources.<br>#<br>#lameuser Auth-Type := Reject<br># Reply-Message = "Your account has been disabled."<br>
<br>#<br># Deny access for a group of users.<br>#<br># Note that there is NO 'Fall-Through' attribute, so the user will not<br># be given any additional resources.<br>#<br>#DEFAULT Group == "disabled", Auth-Type := Reject<br>
# Reply-Message = "Your account has been disabled."<br>#<br><br>#<br># This is a complete entry for "steve". Note that there is no Fall-Through<br># entry so that no DEFAULT entry will be used, and the user will NOT<br>
# get any attributes in addition to the ones listed here.<br>#<br>#steve Cleartext-Password := "testing"<br># Service-Type = Framed-User,<br># Framed-Protocol = PPP,<br># Framed-IP-Address = 172.16.3.33,<br>
# Framed-IP-Netmask = 255.255.255.0,<br># Framed-Routing = Broadcast-Listen,<br># Framed-Filter-Id = "std.ppp",<br># Framed-MTU = 1500,<br># Framed-Compression = Van-Jacobsen-TCP-IP<br><br>#<br># This is an entry for a user with a space in their name.<br>
# Note the double quotes surrounding the name.<br>#<br>#"John Doe" Cleartext-Password := "hello"<br># Reply-Message = "Hello, %{User-Name}"<br><br>#<br># Dial user back and telnet to the default host for that port<br>
#<br>#Deg Cleartext-Password := "ge55ged"<br># Service-Type = Callback-Login-User,<br># Login-IP-Host = 0.0.0.0,<br># Callback-Number = "9,5551212",<br># Login-Service = Telnet,<br># Login-TCP-Port = Telnet<br>
<br>#<br># Another complete entry. After the user "dialbk" has logged in, the<br># connection will be broken and the user will be dialed back after which<br># he will get a connection to the host "timeshare1".<br>
#<br>#dialbk Cleartext-Password := "callme"<br># Service-Type = Callback-Login-User,<br># Login-IP-Host = timeshare1,<br># Login-Service = PortMaster,<br># Callback-Number = "9,1-800-555-1212"<br>
<br>#<br># user "swilson" will only get a static IP number if he logs in with<br># a framed protocol on a terminal server in Alphen (see the huntgroups file).<br>#<br># Note that by setting "Fall-Through", other attributes will be added from<br>
# the following DEFAULT entries<br>#<br>#swilson Service-Type == Framed-User, Huntgroup-Name == "alphen"<br># Framed-IP-Address = 192.168.1.65,<br># Fall-Through = Yes<br><br>#<br># If the user logs in as 'username.shell', then authenticate them<br>
# using the default method, give them shell access, and stop processing<br># the rest of the file.<br>#<br>#DEFAULT Suffix == ".shell"<br># Service-Type = Login-User,<br># Login-Service = Telnet,<br>
# Login-IP-Host = your.shell.machine<br><br><br>#<br># The rest of this file contains the several DEFAULT entries.<br># DEFAULT entries match with all login names.<br># Note that DEFAULT entries can also Fall-Through (see first entry).<br>
# A name-value pair from a DEFAULT entry will _NEVER_ override<br># an already existing name-value pair.<br>#<br><br>#<br># Set up different IP address pools for the terminal servers.<br># Note that the "+" behind the IP address means that this is the "base"<br>
# IP address. The Port-Id (S0, S1 etc) will be added to it.<br>#<br>#DEFAULT Service-Type == Framed-User, Huntgroup-Name == "alphen"<br># Framed-IP-Address = 192.168.1.32+,<br># Fall-Through = Yes<br>
<br>#DEFAULT Service-Type == Framed-User, Huntgroup-Name == "delft"<br># Framed-IP-Address = 192.168.2.32+,<br># Fall-Through = Yes<br><br>#<br># Sample defaults for all framed connections.<br>#<br>
#DEFAULT Service-Type == Framed-User<br># Framed-IP-Address = 255.255.255.254,<br># Framed-MTU = 576,<br># Service-Type = Framed-User,<br># Fall-Through = Yes<br><br>#<br># Default for PPP: dynamic IP address, PPP mode, VJ-compression.<br>
# NOTE: we do not use Hint = "PPP", since PPP might also be auto-detected<br># by the terminal server in which case there may not be a "P" suffix.<br># The terminal server sends "Framed-Protocol = PPP" for auto PPP.<br>
#<br>DEFAULT Framed-Protocol == PPP<br> Framed-Protocol = PPP,<br> Framed-Compression = Van-Jacobson-TCP-IP<br><br>#<br># Default for CSLIP: dynamic IP address, SLIP mode, VJ-compression.<br>#<br>DEFAULT Hint == "CSLIP"<br>
Framed-Protocol = SLIP,<br> Framed-Compression = Van-Jacobson-TCP-IP<br><br>#<br># Default for SLIP: dynamic IP address, SLIP mode.<br>#<br>DEFAULT Hint == "SLIP"<br> Framed-Protocol = SLIP<br><br>#<br>
# Last default: rlogin to our main server.<br>#<br>#DEFAULT<br># Service-Type = Login-User,<br># Login-Service = Rlogin,<br># Login-IP-Host = <a href="http://shellbox.ispdomain.com">shellbox.ispdomain.com</a><br>
<br># #<br># # Last default: shell on the local terminal server.<br># #<br># DEFAULT<br># Service-Type = Administrative-User<br><br># On no match, the user is denied access.<br><br>steve Cleartext-Password := "testing"<br>
test Cleartext-Password := "test"<br><br><br>root@djea-ubuntu:/usr/local/etc/raddb# <br><br><br>===============<br><br>Thanks,<br>David<br><br><br><br><br><br><div class="gmail_quote">On Fri, Oct 29, 2010 at 2:45 PM, William Burnett <span dir="ltr"><<a href="mailto:burnett.w@gmail.com">burnett.w@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">It appears you have your Auth-Type set to EAP (Auth-Type = EAP) in<br>
your users file.. Do not set the Auth-Type, the RADIUS server is smart<br>
enough to figure it out based on the Access-Request packet.<br>
<br>
Just set your user w/ the following:<br>
<br>
UserName Cleartext-Password := "password"<br>
<any additional attributes you require><br>
<br>
Sincerely,<br>
<br>
William Burnett<br>
<a href="mailto:burnett.w@gmail.com">burnett.w@gmail.com</a><br>
<div><div></div><div class="h5"><br>
<br>
<br>
On Fri, Oct 29, 2010 at 11:57 AM, David Jea <<a href="http://dcjea.ee" target="_blank">dcjea.ee</a>@<a href="http://gmail.com" target="_blank">gmail.com</a>> wrote:<br>
> Hi,<br>
><br>
> I installed freeradius and have radtest passed. Playing with it with Cisco<br>
> gears. The system includes freeRadius (ip: 60.60.0.9 on vlan 660) and Cisco<br>
> controller(ip: 60.62.0.11)/AP (on vlan 662). Using a Windows 7 laptop +<br>
> Intel 6200 wifi chipset as the client.<br>
><br>
> I understand LEAP is not secure, but it is simple, so this is just hope see<br>
> if they can all work together. However, client was unable to connect. Here<br>
> are the debug outputs from 'radiusd -X'. Please let me know if you have some<br>
> clues on what might go wrong.<br>
><br>
> Thank you,<br>
><br>
> David<br>
> ================================<br>
><br>
> root@djea-ubuntu:/usr/local/etc/raddb#<br>
> root@djea-ubuntu:/usr/local/etc/raddb# radiusd -X<br>
> FreeRADIUS Version 2.1.10, for host i686-pc-linux-gnu, built on Oct 27 2010<br>
> at 00:44:31<br>
> Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.<br>
> There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A<br>
> PARTICULAR PURPOSE.<br>
> You may redistribute copies of FreeRADIUS under the terms of the<br>
> GNU General Public License v2.<br>
> Starting - reading configuration files ...<br>
> including configuration file /usr/local/etc/raddb/radiusd.conf<br>
> including configuration file /usr/local/etc/raddb/proxy.conf<br>
> including configuration file /usr/local/etc/raddb/clients.conf<br>
> including files in directory /usr/local/etc/raddb/modules/<br>
> including configuration file /usr/local/etc/raddb/modules/exec<br>
> including configuration file /usr/local/etc/raddb/modules/etc_group<br>
> including configuration file /usr/local/etc/raddb/modules/pam<br>
> including configuration file /usr/local/etc/raddb/modules/krb5<br>
> including configuration file /usr/local/etc/raddb/modules/detail<br>
> including configuration file /usr/local/etc/raddb/modules/counter<br>
> including configuration file /usr/local/etc/raddb/modules/realm<br>
> including configuration file /usr/local/etc/raddb/modules/always<br>
> including configuration file /usr/local/etc/raddb/modules/ippool<br>
> including configuration file /usr/local/etc/raddb/modules/cui<br>
> including configuration file /usr/local/etc/raddb/modules/sradutmp<br>
> including configuration file /usr/local/etc/raddb/modules/smsotp<br>
> including configuration file /usr/local/etc/raddb/modules/ntlm_auth<br>
> including configuration file /usr/local/etc/raddb/modules/opendirectory<br>
> including configuration file /usr/local/etc/raddb/modules/otp<br>
> including configuration file /usr/local/etc/raddb/modules/preprocess<br>
> including configuration file /usr/local/etc/raddb/modules/files<br>
> including configuration file /usr/local/etc/raddb/modules/passwd<br>
> including configuration file /usr/local/etc/raddb/modules/pap<br>
> including configuration file /usr/local/etc/raddb/modules/checkval<br>
> including configuration file /usr/local/etc/raddb/modules/digest<br>
> including configuration file /usr/local/etc/raddb/modules/unix<br>
> including configuration file /usr/local/etc/raddb/modules/radutmp<br>
> including configuration file /usr/local/etc/raddb/modules/linelog<br>
> including configuration file /usr/local/etc/raddb/modules/perl<br>
> including configuration file /usr/local/etc/raddb/modules/<a href="http://detail.example.com" target="_blank">detail.example.com</a><br>
> including configuration file<br>
> /usr/local/etc/raddb/modules/sqlcounter_expire_on_login<br>
> including configuration file /usr/local/etc/raddb/modules/echo<br>
> including configuration file /usr/local/etc/raddb/modules/inner-eap<br>
> including configuration file /usr/local/etc/raddb/modules/sql_log<br>
> including configuration file /usr/local/etc/raddb/modules/attr_rewrite<br>
> including configuration file /usr/local/etc/raddb/modules/ldap<br>
> including configuration file /usr/local/etc/raddb/modules/dynamic_clients<br>
> including configuration file /usr/local/etc/raddb/modules/expiration<br>
> including configuration file /usr/local/etc/raddb/modules/wimax<br>
> including configuration file /usr/local/etc/raddb/modules/expr<br>
> including configuration file /usr/local/etc/raddb/modules/mschap<br>
> including configuration file /usr/local/etc/raddb/modules/smbpasswd<br>
> including configuration file /usr/local/etc/raddb/modules/chap<br>
> including configuration file /usr/local/etc/raddb/modules/mac2vlan<br>
> including configuration file /usr/local/etc/raddb/modules/acct_unique<br>
> including configuration file /usr/local/etc/raddb/modules/attr_filter<br>
> including configuration file /usr/local/etc/raddb/modules/mac2ip<br>
> including configuration file /usr/local/etc/raddb/modules/policy<br>
> including configuration file /usr/local/etc/raddb/modules/detail.log<br>
> including configuration file /usr/local/etc/raddb/modules/logintime<br>
> including configuration file /usr/local/etc/raddb/eap.conf<br>
> including configuration file /usr/local/etc/raddb/policy.conf<br>
> including files in directory /usr/local/etc/raddb/sites-enabled/<br>
> including configuration file /usr/local/etc/raddb/sites-enabled/inner-tunnel<br>
> including configuration file<br>
> /usr/local/etc/raddb/sites-enabled/control-socket<br>
> including configuration file /usr/local/etc/raddb/sites-enabled/default<br>
> main {<br>
> allow_core_dumps = no<br>
> }<br>
> including dictionary file /usr/local/etc/raddb/dictionary<br>
> main {<br>
> prefix = "/usr/local"<br>
> localstatedir = "/usr/local/var"<br>
> logdir = "/usr/local/var/log/radius"<br>
> libdir = "/usr/local/lib"<br>
> radacctdir = "/usr/local/var/log/radius/radacct"<br>
> hostname_lookups = no<br>
> max_request_time = 30<br>
> cleanup_delay = 5<br>
> max_requests = 1024<br>
> pidfile = "/usr/local/var/run/radiusd/radiusd.pid"<br>
> checkrad = "/usr/local/sbin/checkrad"<br>
> debug_level = 0<br>
> proxy_requests = yes<br>
> log {<br>
> stripped_names = no<br>
> auth = no<br>
> auth_badpass = no<br>
> auth_goodpass = no<br>
> }<br>
> security {<br>
> max_attributes = 200<br>
> reject_delay = 1<br>
> status_server = yes<br>
> }<br>
> }<br>
> radiusd: #### Loading Realms and Home Servers ####<br>
> proxy server {<br>
> retry_delay = 5<br>
> retry_count = 3<br>
> default_fallback = no<br>
> dead_time = 120<br>
> wake_all_if_all_dead = no<br>
> }<br>
> home_server localhost {<br>
> ipaddr = 127.0.0.1<br>
> port = 1812<br>
> type = "auth"<br>
> secret = "testing123"<br>
> response_window = 20<br>
> max_outstanding = 65536<br>
> require_message_authenticator = yes<br>
> zombie_period = 40<br>
> status_check = "status-server"<br>
> ping_interval = 30<br>
> check_interval = 30<br>
> num_answers_to_alive = 3<br>
> num_pings_to_alive = 3<br>
> revive_interval = 120<br>
> status_check_timeout = 4<br>
> irt = 2<br>
> mrt = 16<br>
> mrc = 5<br>
> mrd = 30<br>
> }<br>
> home_server_pool my_auth_failover {<br>
> type = fail-over<br>
> home_server = localhost<br>
> }<br>
> realm <a href="http://example.com" target="_blank">example.com</a> {<br>
> auth_pool = my_auth_failover<br>
> }<br>
> realm LOCAL {<br>
> }<br>
> radiusd: #### Loading Clients ####<br>
> client localhost {<br>
> ipaddr = 127.0.0.1<br>
> require_message_authenticator = no<br>
> secret = "testing123"<br>
> nastype = "other"<br>
> }<br>
> client 60.62.0.11 {<br>
> require_message_authenticator = no<br>
> secret = "abcd"<br>
> shortname = "TalwarDjea"<br>
> nastype = "other"<br>
> }<br>
> radiusd: #### Instantiating modules ####<br>
> instantiate {<br>
> Module: Linked to module rlm_exec<br>
> Module: Instantiating module "exec" from file<br>
> /usr/local/etc/raddb/modules/exec<br>
> exec {<br>
> wait = no<br>
> input_pairs = "request"<br>
> shell_escape = yes<br>
> }<br>
> Module: Linked to module rlm_expr<br>
> Module: Instantiating module "expr" from file<br>
> /usr/local/etc/raddb/modules/expr<br>
> Module: Linked to module rlm_expiration<br>
> Module: Instantiating module "expiration" from file<br>
> /usr/local/etc/raddb/modules/expiration<br>
> expiration {<br>
> reply-message = "Password Has Expired "<br>
> }<br>
> Module: Linked to module rlm_logintime<br>
> Module: Instantiating module "logintime" from file<br>
> /usr/local/etc/raddb/modules/logintime<br>
> logintime {<br>
> reply-message = "You are calling outside your allowed timespan "<br>
> minimum-timeout = 60<br>
> }<br>
> }<br>
> radiusd: #### Loading Virtual Servers ####<br>
> server inner-tunnel { # from file<br>
> /usr/local/etc/raddb/sites-enabled/inner-tunnel<br>
> modules {<br>
> Module: Checking authenticate {...} for more modules to load<br>
> Module: Linked to module rlm_pap<br>
> Module: Instantiating module "pap" from file<br>
> /usr/local/etc/raddb/modules/pap<br>
> pap {<br>
> encryption_scheme = "auto"<br>
> auto_header = no<br>
> }<br>
> Module: Linked to module rlm_chap<br>
> Module: Instantiating module "chap" from file<br>
> /usr/local/etc/raddb/modules/chap<br>
> Module: Linked to module rlm_mschap<br>
> Module: Instantiating module "mschap" from file<br>
> /usr/local/etc/raddb/modules/mschap<br>
> mschap {<br>
> use_mppe = yes<br>
> require_encryption = no<br>
> require_strong = no<br>
> with_ntdomain_hack = no<br>
> }<br>
> Module: Linked to module rlm_unix<br>
> Module: Instantiating module "unix" from file<br>
> /usr/local/etc/raddb/modules/unix<br>
> unix {<br>
> radwtmp = "/usr/local/var/log/radius/radwtmp"<br>
> }<br>
> Module: Linked to module rlm_eap<br>
> Module: Instantiating module "eap" from file /usr/local/etc/raddb/eap.conf<br>
> eap {<br>
> default_eap_type = "md5"<br>
> timer_expire = 60<br>
> ignore_unknown_eap_types = no<br>
> cisco_accounting_username_bug = no<br>
> max_sessions = 4096<br>
> }<br>
> Module: Linked to sub-module rlm_eap_md5<br>
> Module: Instantiating eap-md5<br>
> Module: Linked to sub-module rlm_eap_leap<br>
> Module: Instantiating eap-leap<br>
> Module: Linked to sub-module rlm_eap_gtc<br>
> Module: Instantiating eap-gtc<br>
> gtc {<br>
> challenge = "Password: "<br>
> auth_type = "PAP"<br>
> }<br>
> Ignoring EAP-Type/tls because we do not have OpenSSL support.<br>
> Ignoring EAP-Type/ttls because we do not have OpenSSL support.<br>
> Ignoring EAP-Type/peap because we do not have OpenSSL support.<br>
> Module: Linked to sub-module rlm_eap_mschapv2<br>
> Module: Instantiating eap-mschapv2<br>
> mschapv2 {<br>
> with_ntdomain_hack = no<br>
> }<br>
> Module: Checking authorize {...} for more modules to load<br>
> Module: Linked to module rlm_realm<br>
> Module: Instantiating module "suffix" from file<br>
> /usr/local/etc/raddb/modules/realm<br>
> realm suffix {<br>
> format = "suffix"<br>
> delimiter = "@"<br>
> ignore_default = no<br>
> ignore_null = no<br>
> }<br>
> Module: Linked to module rlm_files<br>
> Module: Instantiating module "files" from file<br>
> /usr/local/etc/raddb/modules/files<br>
> files {<br>
> usersfile = "/usr/local/etc/raddb/users"<br>
> acctusersfile = "/usr/local/etc/raddb/acct_users"<br>
> preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users"<br>
> compat = "no"<br>
> }<br>
> Module: Checking session {...} for more modules to load<br>
> Module: Linked to module rlm_radutmp<br>
> Module: Instantiating module "radutmp" from file<br>
> /usr/local/etc/raddb/modules/radutmp<br>
> radutmp {<br>
> filename = "/usr/local/var/log/radius/radutmp"<br>
> username = "%{User-Name}"<br>
> case_sensitive = yes<br>
> check_with_nas = yes<br>
> perm = 384<br>
> callerid = yes<br>
> }<br>
> Module: Checking post-proxy {...} for more modules to load<br>
> Module: Checking post-auth {...} for more modules to load<br>
> Module: Linked to module rlm_attr_filter<br>
> Module: Instantiating module "attr_filter.access_reject" from file<br>
> /usr/local/etc/raddb/modules/attr_filter<br>
> attr_filter attr_filter.access_reject {<br>
> attrsfile = "/usr/local/etc/raddb/attrs.access_reject"<br>
> key = "%{User-Name}"<br>
> }<br>
> } # modules<br>
> } # server<br>
> server { # from file /usr/local/etc/raddb/radiusd.conf<br>
> modules {<br>
> Module: Checking authenticate {...} for more modules to load<br>
> Module: Linked to module rlm_digest<br>
> Module: Instantiating module "digest" from file<br>
> /usr/local/etc/raddb/modules/digest<br>
> Module: Checking authorize {...} for more modules to load<br>
> Module: Linked to module rlm_preprocess<br>
> Module: Instantiating module "preprocess" from file<br>
> /usr/local/etc/raddb/modules/preprocess<br>
> preprocess {<br>
> huntgroups = "/usr/local/etc/raddb/huntgroups"<br>
> hints = "/usr/local/etc/raddb/hints"<br>
> with_ascend_hack = no<br>
> ascend_channels_per_line = 23<br>
> with_ntdomain_hack = no<br>
> with_specialix_jetstream_hack = no<br>
> with_cisco_vsa_hack = no<br>
> with_alvarion_vsa_hack = no<br>
> }<br>
> Module: Checking preacct {...} for more modules to load<br>
> Module: Linked to module rlm_acct_unique<br>
> Module: Instantiating module "acct_unique" from file<br>
> /usr/local/etc/raddb/modules/acct_unique<br>
> acct_unique {<br>
> key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address,<br>
> NAS-Port"<br>
> }<br>
> Module: Checking accounting {...} for more modules to load<br>
> Module: Linked to module rlm_detail<br>
> Module: Instantiating module "detail" from file<br>
> /usr/local/etc/raddb/modules/detail<br>
> detail {<br>
> detailfile =<br>
> "/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"<br>
> header = "%t"<br>
> detailperm = 384<br>
> dirperm = 493<br>
> locking = no<br>
> log_packet_header = no<br>
> }<br>
> Module: Instantiating module "attr_filter.accounting_response" from file<br>
> /usr/local/etc/raddb/modules/attr_filter<br>
> attr_filter attr_filter.accounting_response {<br>
> attrsfile = "/usr/local/etc/raddb/attrs.accounting_response"<br>
> key = "%{User-Name}"<br>
> }<br>
> Module: Checking session {...} for more modules to load<br>
> Module: Checking post-proxy {...} for more modules to load<br>
> Module: Checking post-auth {...} for more modules to load<br>
> } # modules<br>
> } # server<br>
> radiusd: #### Opening IP addresses and Ports ####<br>
> listen {<br>
> type = "auth"<br>
> ipaddr = *<br>
> port = 0<br>
> }<br>
> listen {<br>
> type = "acct"<br>
> ipaddr = *<br>
> port = 0<br>
> }<br>
> listen {<br>
> type = "control"<br>
> listen {<br>
> socket = "/usr/local/var/run/radiusd/radiusd.sock"<br>
> }<br>
> }<br>
> listen {<br>
> type = "auth"<br>
> ipaddr = 127.0.0.1<br>
> port = 18120<br>
> }<br>
> Listening on authentication address * port 1812<br>
> Listening on accounting address * port 1813<br>
> Listening on command file /usr/local/var/run/radiusd/radiusd.sock<br>
> Listening on authentication address 127.0.0.1 port 18120 as server<br>
> inner-tunnel<br>
> Listening on proxy address * port 1814<br>
> Ready to process requests.<br>
> rad_recv: Access-Request packet from host 60.62.0.11 port 32768, id=64,<br>
> length=171<br>
> User-Name = "test"<br>
> Calling-Station-Id = "00-23-14-52-b6-48"<br>
> Called-Station-Id = "00-22-90-96-74-d0:roam1x"<br>
> NAS-Port = 13<br>
> NAS-IP-Address = 60.62.0.11<br>
> NAS-Identifier = "TalwarDjea"<br>
> Airespace-Wlan-Id = 2<br>
> Service-Type = Framed-User<br>
> Framed-MTU = 1300<br>
> NAS-Port-Type = Wireless-802.11<br>
> Tunnel-Type:0 = VLAN<br>
> Tunnel-Medium-Type:0 = IEEE-802<br>
> Tunnel-Private-Group-Id:0 = "662"<br>
> EAP-Message = 0x020200090174657374<br>
> Message-Authenticator = 0x43b27fa1904d094c72f283b626235ede<br>
> # Executing section authorize from file<br>
> /usr/local/etc/raddb/sites-enabled/default<br>
> +- entering group authorize {...}<br>
> ++[preprocess] returns ok<br>
> ++[chap] returns noop<br>
> ++[mschap] returns noop<br>
> ++[digest] returns noop<br>
> [suffix] No '@' in User-Name = "test", looking up realm NULL<br>
> [suffix] No such realm "NULL"<br>
> ++[suffix] returns noop<br>
> [eap] EAP packet type response id 2 length 9<br>
> [eap] No EAP Start, assuming it's an on-going EAP conversation<br>
> ++[eap] returns updated<br>
> [files] users: Matched entry test at line 206<br>
> ++[files] returns ok<br>
> ++[expiration] returns noop<br>
> ++[logintime] returns noop<br>
> [pap] WARNING: Auth-Type already set. Not setting to PAP<br>
> ++[pap] returns noop<br>
> Found Auth-Type = EAP<br>
> # Executing group from file /usr/local/etc/raddb/sites-enabled/default<br>
> +- entering group authenticate {...}<br>
> [eap] EAP Identity<br>
> [eap] processing type md5<br>
> rlm_eap_md5: Issuing Challenge<br>
> ++[eap] returns handled<br>
> Sending Access-Challenge of id 64 to 60.62.0.11 port 32768<br>
> EAP-Message = 0x010300160410a79c9f15ab9b61db3cbbea86ccff0cdc<br>
> Message-Authenticator = 0x00000000000000000000000000000000<br>
> State = 0xde34e188de37e54e1627fcd7f780c535<br>
> Finished request 0.<br>
> Going to the next request<br>
> Waking up in 4.9 seconds.<br>
> rad_recv: Access-Request packet from host 60.62.0.11 port 32768, id=65,<br>
> length=186<br>
> User-Name = "test"<br>
> Calling-Station-Id = "00-23-14-52-b6-48"<br>
> Called-Station-Id = "00-22-90-96-74-d0:roam1x"<br>
> NAS-Port = 13<br>
> NAS-IP-Address = 60.62.0.11<br>
> NAS-Identifier = "TalwarDjea"<br>
> Airespace-Wlan-Id = 2<br>
> Service-Type = Framed-User<br>
> Framed-MTU = 1300<br>
> NAS-Port-Type = Wireless-802.11<br>
> Tunnel-Type:0 = VLAN<br>
> Tunnel-Medium-Type:0 = IEEE-802<br>
> Tunnel-Private-Group-Id:0 = "662"<br>
> EAP-Message = 0x020300060311<br>
> State = 0xde34e188de37e54e1627fcd7f780c535<br>
> Message-Authenticator = 0x86143f5b448d061ce4685385e73a01b4<br>
> # Executing section authorize from file<br>
> /usr/local/etc/raddb/sites-enabled/default<br>
> +- entering group authorize {...}<br>
> ++[preprocess] returns ok<br>
> ++[chap] returns noop<br>
> ++[mschap] returns noop<br>
> ++[digest] returns noop<br>
> [suffix] No '@' in User-Name = "test", looking up realm NULL<br>
> [suffix] No such realm "NULL"<br>
> ++[suffix] returns noop<br>
> [eap] EAP packet type response id 3 length 6<br>
> [eap] No EAP Start, assuming it's an on-going EAP conversation<br>
> ++[eap] returns updated<br>
> [files] users: Matched entry test at line 206<br>
> ++[files] returns ok<br>
> ++[expiration] returns noop<br>
> ++[logintime] returns noop<br>
> [pap] WARNING: Auth-Type already set. Not setting to PAP<br>
> ++[pap] returns noop<br>
> Found Auth-Type = EAP<br>
> # Executing group from file /usr/local/etc/raddb/sites-enabled/default<br>
> +- entering group authenticate {...}<br>
> [eap] Request found, released from the list<br>
> [eap] EAP NAK<br>
> [eap] EAP-NAK asked for EAP-Type/leap<br>
> [eap] processing type leap<br>
> rlm_eap_leap: Stage 2<br>
> rlm_eap_leap: Issuing AP Challenge<br>
> rlm_eap_leap: Successfully initiated<br>
> ++[eap] returns handled<br>
> Sending Access-Challenge of id 65 to 60.62.0.11 port 32768<br>
> EAP-Message = 0x01040014110100085a49dd53258088a974657374<br>
> Message-Authenticator = 0x00000000000000000000000000000000<br>
> State = 0xde34e188df30f04e1627fcd7f780c535<br>
> Finished request 1.<br>
> Going to the next request<br>
> Waking up in 4.9 seconds.<br>
> rad_recv: Access-Request packet from host 60.62.0.11 port 32768, id=66,<br>
> length=216<br>
> User-Name = "test"<br>
> Calling-Station-Id = "00-23-14-52-b6-48"<br>
> Called-Station-Id = "00-22-90-96-74-d0:roam1x"<br>
> NAS-Port = 13<br>
> NAS-IP-Address = 60.62.0.11<br>
> NAS-Identifier = "TalwarDjea"<br>
> Airespace-Wlan-Id = 2<br>
> Service-Type = Framed-User<br>
> Framed-MTU = 1300<br>
> NAS-Port-Type = Wireless-802.11<br>
> Tunnel-Type:0 = VLAN<br>
> Tunnel-Medium-Type:0 = IEEE-802<br>
> Tunnel-Private-Group-Id:0 = "662"<br>
> EAP-Message =<br>
> 0x0204002411010018f84b7c6e4beaad41a5f1c179c35507c688576b2d4431d8b574657374<br>
> State = 0xde34e188df30f04e1627fcd7f780c535<br>
> Message-Authenticator = 0xdab956d032f1cdc8b7519647c512e4ef<br>
> # Executing section authorize from file<br>
> /usr/local/etc/raddb/sites-enabled/default<br>
> +- entering group authorize {...}<br>
> ++[preprocess] returns ok<br>
> ++[chap] returns noop<br>
> ++[mschap] returns noop<br>
> ++[digest] returns noop<br>
> [suffix] No '@' in User-Name = "test", looking up realm NULL<br>
> [suffix] No such realm "NULL"<br>
> ++[suffix] returns noop<br>
> [eap] EAP packet type response id 4 length 36<br>
> [eap] No EAP Start, assuming it's an on-going EAP conversation<br>
> ++[eap] returns updated<br>
> [files] users: Matched entry test at line 206<br>
> ++[files] returns ok<br>
> ++[expiration] returns noop<br>
> ++[logintime] returns noop<br>
> [pap] WARNING: Auth-Type already set. Not setting to PAP<br>
> ++[pap] returns noop<br>
> Found Auth-Type = EAP<br>
> # Executing group from file /usr/local/etc/raddb/sites-enabled/default<br>
> +- entering group authenticate {...}<br>
> [eap] Request found, released from the list<br>
> [eap] EAP/leap<br>
> [eap] processing type leap<br>
> rlm_eap_leap: Stage 4<br>
> rlm_eap_leap: NtChallengeResponse from AP is valid<br>
> [eap] Underlying EAP-Type set EAP ID to 5<br>
> ++[eap] returns ok<br>
> # Executing section post-auth from file<br>
> /usr/local/etc/raddb/sites-enabled/default<br>
> +- entering group post-auth {...}<br>
> ++[exec] returns noop<br>
> Sending Access-Challenge of id 66 to 60.62.0.11 port 32768<br>
> EAP-Message = 0x03050004<br>
> Message-Authenticator = 0x00000000000000000000000000000000<br>
> State = 0xde34e188dc31f04e1627fcd7f780c535<br>
> Finished request 2.<br>
> Going to the next request<br>
> Waking up in 4.9 seconds.<br>
> Cleaning up request 0 ID 64 with timestamp +306<br>
> Cleaning up request 1 ID 65 with timestamp +306<br>
> Cleaning up request 2 ID 66 with timestamp +306<br>
> Ready to process requests.<br>
><br>
><br>
><br>
><br>
><br>
</div></div>> -<br>
> List info/subscribe/unsubscribe? See<br>
> <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br>
><br>
</blockquote></div><br>