<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<br>
That is why I am so confused. I do have this user in the users file
and even tested authentication using NTradping and it works fine
going directly from the Internet to the radius server. However when
I try to authenticate via the LNS I see this error. <br>
<br>
any idea's. <br>
<br>
<br>
<br>
<br>
<pre wrap="">Message: 4
Date: Fri, 02 Sep 2011 09:54:50 +0200
From: Bj?rn Mork <a class="moz-txt-link-rfc2396E" href="mailto:bjorn@mork.no"><bjorn@mork.no></a>
Subject: Re: cisco 3825 authentication error
To: FreeRadius users mailing list
<a class="moz-txt-link-rfc2396E" href="mailto:freeradius-users@lists.freeradius.org"><freeradius-users@lists.freeradius.org></a>
Message-ID: <a class="moz-txt-link-rfc2396E" href="mailto:87r53zjs51.fsf@nemi.mork.no"><87r53zjs51.fsf@nemi.mork.no></a>
Content-Type: text/plain; charset=utf-8
Dom <a class="moz-txt-link-rfc2396E" href="mailto:dversace@tekcorner.ca"><dversace@tekcorner.ca></a> writes:
</pre>
<blockquote type="cite" style="color: #000000;">
<pre wrap="">[pap] WARNING! No "known good" password found for the user.
</pre>
</blockquote>
<pre wrap="">Looks good so far, but you need to tell freeradius the password for this
user...
E.g. by adding something like this to the "users" file:
<a class="moz-txt-link-abbreviated" href="mailto:aewais@domain.com">aewais@domain.com</a> Cleartext-Password := "password"
or configure some database backend or whatever. It's all in the docs
<span class="moz-smiley-s1" title=":-)"></span>
Bj?rn
</pre>
<br>
<br>
<br>
<br>
<span class="Apple-style-span" style="color: rgb(0, 0, 0);
font-family: 'Times New Roman'; font-style: normal; font-variant:
normal; font-weight: normal; letter-spacing: normal; line-height:
normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px;
text-transform: none; white-space: normal; widows: 2;
word-spacing: 0px; -webkit-text-decorations-in-effect: none;
-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;
font-size: medium; ">
<ul>
<li><em>To</em>:<span class="Apple-converted-space"> </span><a
href="mailto:freeradius-users%40lists.freeradius.org">freeradius-users@lists.freeradius.org</a></li>
<li><em>Subject</em>: cisco 3825 authentication error</li>
<li><em>From</em>: Dom <<a
href="mailto:dversace%40tekcorner.ca">dversace@tekcorner.ca</a>></li>
<li><em>Date</em>: Thu, 01 Sep 2011 15:45:02 -0400</li>
<li><em>Reply-to</em>: FreeRadius users mailing list <<a
href="mailto:freeradius-users%40lists.freeradius.org">freeradius-users@lists.freeradius.org</a>></li>
<li><em>User-agent</em>: Mozilla/5.0 (Windows NT 6.1; rv:6.0.1)
Gecko/20110830 Thunderbird/6.0.1</li>
</ul>
<hr><tt>I am trying to terminate vpdn sessions through our cisco
3825 using<span class="Apple-converted-space"> </span></tt><tt>freeradius.
I am new to this whole process and I was hoping to get some<span
class="Apple-converted-space"> </span></tt><tt>assistance with
the missing configuration.</tt><tt>Below is the error message I
am receiving when trying to authenticate<span
class="Apple-converted-space"> </span></tt><tt>via the router.</tt><tt>rad_recv:
Access-Request packet from host 64.34.66.5 port 1645, id=19,<span
class="Apple-converted-space"> </span></tt><tt>length=135</tt>
<pre style="margin-top: 0em; margin-right: 0em; margin-bottom: 0em; margin-left: 0em; "> Framed-Protocol = PPP
User-Name = <a class="moz-txt-link-rfc2396E" href="mailto:aewais@domain.com">"aewais@domain.com"</a>
User-Password = "password"
Calling-Station-Id = "bas203300000455"
Connect-Info = "1000000000"
NAS-Port-Type = Virtual
NAS-Port = 532
NAS-Port-Id = "Uniq-Sess-ID532"
Service-Type = Framed-User
NAS-IP-Address = 64.34.66.5
</pre>
<tt># Executing section authorize from file<span
class="Apple-converted-space"> </span></tt><tt>/etc/freeradius/sites-enabled/default</tt>
<pre style="margin-top: 0em; margin-right: 0em; margin-bottom: 0em; margin-left: 0em; ">+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] Looking up realm "domain.com" for User-Name = <a class="moz-txt-link-rfc2396E" href="mailto:aewais@domain.com">"aewais@domain.com"</a>
[suffix] No such realm "domain.com"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[files] users: Matched entry DEFAULT at line 172
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
</pre>
<tt>[pap] WARNING! No "known good" password found for the user.<span
class="Apple-converted-space"> </span></tt><tt>Authentication
may fail because of this.</tt>
<pre style="margin-top: 0em; margin-right: 0em; margin-bottom: 0em; margin-left: 0em; ">++[pap] returns noop
</pre>
<tt>ERROR: No authenticate method (Auth-Type) found for the
request:<span class="Apple-converted-space"> </span></tt><tt>Rejecting
the user</tt>
<pre style="margin-top: 0em; margin-right: 0em; margin-bottom: 0em; margin-left: 0em; ">Failed to authenticate the user.
Using Post-Auth-Type Reject
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group REJECT {...}
[attr_filter.access_reject] expand: %{User-Name} -> <a class="moz-txt-link-abbreviated" href="mailto:aewais@domain.com">aewais@domain.com</a>
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 0 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 0
Sending Access-Reject of id 19 to 64.34.66.5 port 1645
Waking up in 4.9 seconds.
Cleaning up request 0 ID 19 with timestamp +381
Ready to process requests.
</pre>
</span><br class="Apple-interchange-newline">
<br>
</body>
</html>