<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Tahoma
}
--></style>
</head>
<body class='hmmessage'>
<br>Hi, <br><br>I have a Linux(Ubuntu) NMS server and I want it to be authenticated Via Freeradius. So If I log into that NMS server it should send requests for authentication to FreeRadius serve. Also, can a windows XP machine be authenticated through Freeradius? I mean not the telnet/SSH login but somethign like RDP or VNC as well. <br><br>BR,<br>Raheel<br><div>
<div><font color="#ff3366" size="5"> </font></div>
<div><font color="#ff3366" size="5"></font> </div>
<div><font color="#ff3366" size="5"></font> </div>
<div><font color="#ff3366" size="5"></font> </div>
<div><font color="#ff3366" size="5"></font> </div>
<div><font color="#ff3366" size="5"></font> </div>
<div><font color="#ff3366" size="5"></font> </div>
<div><font color="#ff3366" size="5"></font> </div>
<div><font color="#ff3366" size="5"></font> </div>
<div><font color="#ff3366" size="5"></font> </div>
<div><font color="#ff3366" size="5"></font> </div>
<div><font color="#ff3366" size="5"></font> </div>
<div><font color="#ff3366" size="5"></font> </div>
<div><font color="#ff3366" size="5"></font> </div>
<div><font color="#ff3366" size="5"></font> </div>
<div><font color="#ff3366" size="5"></font> </div></div><br><br><br><br>> Date: Fri, 13 May 2011 20:42:03 -0700<br>> From: richard.adams@stentofon.com.au<br>> To: freeradius-users@lists.freeradius.org<br>> Subject: Authentication issues from Apple devices<br>> <br>> Hello. I have configured a Wireless Hotspot using the EasyHotSpot system,<br>> that uses FreeRadius for authentication. <br>> <br>> I am having problems only when Apple devices (iphone, ipad, macbooks)<br>> attempt to connect to the hotspot.<br>> <br>> This is confusing, as all other devices and software (Winxp, Vista, 7,<br>> Symbian, Blackberry, Android etc) authenticate perfectly.<br>> <br>> As a test case, and while running debugging, I attempted to connect with my<br>> Blackberry and an Iphone using the same username and password. I have<br>> attached the results. As you will see, using the same username and<br>> password, the blackberry authenticates while the iphone fails. I cannot see<br>> any reason for this in the log. Can anyone please assist?<br>> <br>> Failed log:<br>> <br>> Ready to process requests.<br>> rad_recv: Access-Request packet from host 127.0.0.1 port 60277, id=0,<br>> length=216<br>> User-Name = "sandra"<br>> CHAP-Challenge = 0x0571777ec7661c411af641e8952291b9<br>> CHAP-Password = 0x00120c16a8ff125a7a348459a0f40a86a9<br>> NAS-IP-Address = 0.0.0.0<br>> Service-Type = Login-User<br>> Framed-IP-Address = 192.168.182.10<br>> Calling-Station-Id = "DC-2B-61-9C-92-E6"<br>> Called-Station-Id = "00-0D-56-9C-AC-F6"<br>> NAS-Identifier = "nas01"<br>> Acct-Session-Id = "4dcde5a500000000"<br>> NAS-Port-Type = Wireless-802.11<br>> NAS-Port = 0<br>> Message-Authenticator = 0x35f8e8bc299636c4cd468b533de65f78<br>> WISPr-Logoff-URL = "http://192.168.182.1:3990/logoff"<br>> +- entering group authorize {...}<br>> ++[preprocess] returns ok<br>> [chap] Setting 'Auth-Type := CHAP'<br>> ++[chap] returns ok<br>> ++[mschap] returns noop<br>> [suffix] No '@' in User-Name = "sandra", looking up realm NULL<br>> [suffix] No such realm "NULL"<br>> ++[suffix] returns noop<br>> [eap] No EAP-Message, not doing EAP<br>> ++[eap] returns noop<br>> ++[unix] returns notfound<br>> ++[files] returns noop<br>> expand: %{User-Name} -> sandra<br>> [sql] sql_set_user escaped user --> 'sandra'<br>> rlm_sql (sql): Reserving sql socket id: 4<br>> expand: SELECT id, username, attribute, value, op FROM radcheck <br>> WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id,<br>> username, attribute, value, op FROM radcheck WHERE<br>> username = 'sandra' ORDER BY id<br>> [sql] User found in radcheck table<br>> expand: SELECT id, username, attribute, value, op FROM radreply <br>> WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id,<br>> username, attribute, value, op FROM radreply WHERE<br>> username = 'sandra' ORDER BY id<br>> expand: SELECT groupname FROM radusergroup WHERE<br>> username = '%{SQL-User-Name}' ORDER BY priority -> SELECT<br>> groupname FROM radusergroup WHERE username = 'sandra' <br>> ORDER BY priority<br>> rlm_sql (sql): Released sql socket id: 4<br>> ++[sql] returns ok<br>> rlm_sqlcounter: Entering module authorize code<br>> rlm_sqlcounter: Could not find Check item value pair<br>> ++[max_all_mb] returns noop<br>> rlm_sqlcounter: Entering module authorize code<br>> rlm_sqlcounter: Could not find Check item value pair<br>> ++[noresetcounter] returns noop<br>> [expiration] Checking Expiration time: 'September 11 2011 24:00:00'<br>> ++[expiration] returns ok<br>> ++[logintime] returns noop<br>> [pap] Found existing Auth-Type, not changing it.<br>> ++[pap] returns noop<br>> Found Auth-Type = CHAP<br>> +- entering group CHAP {...}<br>> [chap] login attempt by "sandra" with CHAP password<br>> [chap] Using clear text password "sandra" for user sandra authentication.<br>> [chap] Password check failed<br>> ++[chap] returns reject<br>> Failed to authenticate the user.<br>> Using Post-Auth-Type Reject<br>> +- entering group REJECT {...}<br>> expand: %{User-Name} -> sandra<br>> attr_filter: Matched entry DEFAULT at line 11<br>> ++[attr_filter.access_reject] returns updated<br>> Delaying reject of request 0 for 1 seconds<br>> Going to the next request<br>> Waking up in 0.9 seconds.<br>> Sending delayed reject for request 0<br>> Sending Access-Reject of id 0 to 127.0.0.1 port 60277<br>> Waking up in 4.9 seconds.<br>> Cleaning up request 0 ID 0 with timestamp +36<br>> Ready to process requests.<br>> <br>> Sucessful Log:<br>> <br>> rad_recv: Access-Request packet from host 127.0.0.1 port 44107, id=0,<br>> length=216<br>> User-Name = "sandra"<br>> CHAP-Challenge = 0x97824e8524637118ae2cf716a0362b97<br>> CHAP-Password = 0x00f729a50979c25ef7d9d9e5e4cc1b2907<br>> NAS-IP-Address = 0.0.0.0<br>> Service-Type = Login-User<br>> Framed-IP-Address = 192.168.182.8<br>> Calling-Station-Id = "CC-55-AD-93-77-E6"<br>> Called-Station-Id = "00-0D-56-9C-AC-F6"<br>> NAS-Identifier = "nas01"<br>> Acct-Session-Id = "4dcde8c300000001"<br>> NAS-Port-Type = Wireless-802.11<br>> NAS-Port = 1<br>> Message-Authenticator = 0xf30387317dabf479ce7642e776e0295e<br>> WISPr-Logoff-URL = "http://192.168.182.1:3990/logoff"<br>> +- entering group authorize {...}<br>> ++[preprocess] returns ok<br>> [chap] Setting 'Auth-Type := CHAP'<br>> ++[chap] returns ok<br>> ++[mschap] returns noop<br>> [suffix] No '@' in User-Name = "sandra", looking up realm NULL<br>> [suffix] No such realm "NULL"<br>> ++[suffix] returns noop<br>> [eap] No EAP-Message, not doing EAP<br>> ++[eap] returns noop<br>> ++[unix] returns notfound<br>> ++[files] returns noop<br>> expand: %{User-Name} -> sandra<br>> [sql] sql_set_user escaped user --> 'sandra'<br>> rlm_sql (sql): Reserving sql socket id: 3<br>> expand: SELECT id, username, attribute, value, op FROM radcheck <br>> WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id,<br>> username, attribute, value, op FROM radcheck WHERE<br>> username = 'sandra' ORDER BY id<br>> [sql] User found in radcheck table<br>> expand: SELECT id, username, attribute, value, op FROM radreply <br>> WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id,<br>> username, attribute, value, op FROM radreply WHERE<br>> username = 'sandra' ORDER BY id<br>> expand: SELECT groupname FROM radusergroup WHERE<br>> username = '%{SQL-User-Name}' ORDER BY priority -> SELECT<br>> groupname FROM radusergroup WHERE username = 'sandra' <br>> ORDER BY priority<br>> rlm_sql (sql): Released sql socket id: 3<br>> ++[sql] returns ok<br>> rlm_sqlcounter: Entering module authorize code<br>> rlm_sqlcounter: Could not find Check item value pair<br>> ++[max_all_mb] returns noop<br>> rlm_sqlcounter: Entering module authorize code<br>> rlm_sqlcounter: Could not find Check item value pair<br>> ++[noresetcounter] returns noop<br>> [expiration] Checking Expiration time: 'September 11 2011 24:00:00'<br>> ++[expiration] returns ok<br>> ++[logintime] returns noop<br>> [pap] Found existing Auth-Type, not changing it.<br>> ++[pap] returns noop<br>> Found Auth-Type = CHAP<br>> +- entering group CHAP {...}<br>> [chap] login attempt by "sandra" with CHAP password<br>> [chap] Using clear text password "sandra" for user sandra authentication.<br>> [chap] chap user sandra authenticated succesfully<br>> ++[chap] returns ok<br>> +- entering group session {...}<br>> expand: /var/log/freeradius/radutmp -> /var/log/freeradius/radutmp<br>> expand: %{User-Name} -> sandra<br>> ++[radutmp] returns ok<br>> +- entering group post-auth {...}<br>> expand: %{User-Name} -> sandra<br>> [sql] sql_set_user escaped user --> 'sandra'<br>> expand: %{User-Password} -> <br>> expand: %{Chap-Password} -> 0x00f729a50979c25ef7d9d9e5e4cc1b2907<br>> expand: INSERT INTO radpostauth (username, pass,<br>> reply, authdate) VALUES ( <br>> '%{User-Name}', <br>> '%{%{User-Password}:-%{Chap-Password}}', <br>> '%{reply:Packet-Type}', '%S') -> INSERT INTO radpostauth <br>> (username, pass, reply, authdate) VALUES ( <br>> 'sandra', '0x00f729a50979c25ef7d9d9e5e4cc1b2907', <br>> 'Access-Accept', '2011-05-14 12:28:43')<br>> rlm_sql (sql) in sql_postauth: query is INSERT INTO radpostauth <br>> (username, pass, reply, authdate) VALUES ( <br>> 'sandra', '0x00f729a50979c25ef7d9d9e5e4cc1b2907', <br>> 'Access-Accept', '2011-05-14 12:28:43')<br>> rlm_sql (sql): Reserving sql socket id: 2<br>> rlm_sql (sql): Released sql socket id: 2<br>> ++[sql] returns ok<br>> ++[exec] returns noop<br>> Sending Access-Accept of id 0 to 127.0.0.1 port 44107<br>> WISPr-Bandwidth-Max-Down := 256000<br>> Idle-Timeout := 600<br>> WISPr-Session-Terminate-Time := "2011-9-11T24:00:00"<br>> Acct-Interim-Interval := 120<br>> Session-Timeout = 10409477<br>> Finished request 1.<br>> <br>> <br>> <br>> --<br>> View this message in context: http://freeradius.1045715.n5.nabble.com/Authentication-issues-from-Apple-devices-tp4394941p4394941.html<br>> Sent from the FreeRadius - User mailing list archive at Nabble.com.<br>> -<br>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html<br> </body>
</html>