<div dir="ltr">Hello,<div style><br></div><div style>Not sure what I'm missing here, i seem to not be able to get this to work.</div><div style>One of those things, I've done it many times yet I've missed a step I think.</div>
<div style>This server is used to authenticate pppoe connections on a cisco router.<br></div><div style><br></div><div style>I just want freeradius to strip the realm every time.</div><div style><br></div><div style><br></div>
<div style>Debian Wheezy</div><div style><div> freeradius -XX</div><div>Sun Jun 9 16:43:58 2013 : Info: FreeRADIUS Version 2.1.12, for host x86_64-pc-linux-gnu, built on Dec 16 2012 at 13:28:43</div><div><br></div><div><br>
</div><div style>It works fine without a realm, returns all the right values;</div><div style><br></div><div style><div>root@chronos:/etc/freeradius# radtest testaccount test1234 localhost 0 testing123</div><div>Sending Access-Request of id 95 to 127.0.0.1 port 1812</div>
<div> User-Name = "testaccount"</div><div> User-Password = "test1234"</div><div> NAS-IP-Address = 127.0.1.1</div><div> NAS-Port = 0</div><div> Message-Authenticator = 0x00000000000000000000000000000000</div>
<div>rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=95, length=56</div><div> Framed-IP-Address = 10.8.13.19</div><div> Tunnel-Type:0 = L2TP</div><div> Tunnel-Medium-Type:0 = IPv4</div>
<div> Service-Type = Framed-User</div><div> Framed-Protocol = PPP</div><div> Framed-IP-Netmask = 255.255.255.255</div><div>root@chronos:/etc/freeradius#</div><div><br></div><div><br></div><div><br></div>
<div><br></div><div style>With a realm, no good.</div><div style><br></div><div style><div>rad_recv: Access-Request packet from host 127.0.0.1 port 52011, id=44, length=92</div><div> User-Name = "<a href="mailto:testaccount@domain.com">testaccount@domain.com</a>"</div>
<div> User-Password = "test1234"</div><div> NAS-IP-Address = 127.0.1.1</div><div> NAS-Port = 0</div><div> Message-Authenticator = 0x6c233bef9def046c0b422486e2aef3a1</div><div>Sun Jun 9 16:46:05 2013 : Info: # Executing section authorize from file /etc/freeradius/sites-enabled/default</div>
<div>Sun Jun 9 16:46:05 2013 : Info: +- entering group authorize {...}</div><div>Sun Jun 9 16:46:05 2013 : Info: ++[preprocess] returns ok</div><div>Sun Jun 9 16:46:05 2013 : Info: ++[chap] returns noop</div><div>Sun Jun 9 16:46:05 2013 : Info: ++[mschap] returns noop</div>
<div>Sun Jun 9 16:46:05 2013 : Info: ++[digest] returns noop</div><div>Sun Jun 9 16:46:05 2013 : Info: [suffix] Looking up realm "<a href="http://domain.com">domain.com</a>" for User-Name = "<a href="mailto:testaccount@domain.com">testaccount@domain.com</a>"</div>
<div>Sun Jun 9 16:46:05 2013 : Info: [suffix] No such realm "<a href="http://domain.com">domain.com</a>"</div><div>Sun Jun 9 16:46:05 2013 : Info: ++[suffix] returns noop</div><div>Sun Jun 9 16:46:05 2013 : Info: [eap] No EAP-Message, not doing EAP</div>
<div>Sun Jun 9 16:46:05 2013 : Info: ++[eap] returns noop</div><div>Sun Jun 9 16:46:05 2013 : Info: ++[files] returns noop</div><div>Sun Jun 9 16:46:05 2013 : Info: [sql] expand: %{User-Name} -> <a href="mailto:testaccount@domain.com">testaccount@domain.com</a></div>
<div>Sun Jun 9 16:46:05 2013 : Info: [sql] sql_set_user escaped user --> '<a href="mailto:testaccount@domain.com">testaccount@domain.com</a>'</div><div>Sun Jun 9 16:46:05 2013 : Debug: rlm_sql (sql): Reserving sql socket id: 3</div>
<div>Sun Jun 9 16:46:05 2013 : Info: [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = '<a href="mailto:testaccount@domain.com">testaccount@domain.com</a>' ORDER BY id</div>
<div>Sun Jun 9 16:46:05 2013 : Info: [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = '<a href="mailto:testaccount@domain.com">testaccount@domain.com</a>' ORDER BY priority</div>
<div>Sun Jun 9 16:46:05 2013 : Debug: rlm_sql (sql): Released sql socket id: 3</div><div>Sun Jun 9 16:46:05 2013 : Info: [sql] User <a href="mailto:testaccount@domain.com">testaccount@domain.com</a> not found</div><div>
Sun Jun 9 16:46:05 2013 : Info: ++[sql] returns notfound</div><div>Sun Jun 9 16:46:05 2013 : Info: ++[expiration] returns noop</div><div>Sun Jun 9 16:46:05 2013 : Info: ++[logintime] returns noop</div><div>Sun Jun 9 16:46:05 2013 : Info: [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.</div>
<div>Sun Jun 9 16:46:05 2013 : Info: ++[pap] returns noop</div><div>Sun Jun 9 16:46:05 2013 : Info: ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user</div><div>Sun Jun 9 16:46:05 2013 : Info: Failed to authenticate the user.</div>
<div>Sun Jun 9 16:46:05 2013 : Info: Using Post-Auth-Type Reject</div><div>Sun Jun 9 16:46:05 2013 : Info: # Executing group from file /etc/freeradius/sites-enabled/default</div><div>Sun Jun 9 16:46:05 2013 : Info: +- entering group REJECT {...}</div>
<div>Sun Jun 9 16:46:05 2013 : Info: [attr_filter.access_reject] expand: %{User-Name} -> <a href="mailto:testaccount@domain.com">testaccount@domain.com</a></div><div>Sun Jun 9 16:46:05 2013 : Debug: attr_filter: Matched entry DEFAULT at line 11</div>
<div>Sun Jun 9 16:46:05 2013 : Info: ++[attr_filter.access_reject] returns updated</div><div>Sun Jun 9 16:46:05 2013 : Info: Delaying reject of request 0 for 1 seconds</div><div>Sun Jun 9 16:46:05 2013 : Debug: Going to the next request</div>
<div>Sun Jun 9 16:46:05 2013 : Debug: Waking up in 0.9 seconds.</div><div>Sun Jun 9 16:46:06 2013 : Info: Sending delayed reject for request 0</div><div>Sending Access-Reject of id 44 to 127.0.0.1 port 52011</div><div>Sun Jun 9 16:46:06 2013 : Debug: Waking up in 4.9 seconds.</div>
<div><br></div></div><div><br></div><div style>I don't recall having to setup a realm in previous installs.</div><div style>However I did used to use an older version of freeradius.</div><div style><br></div><div style>
Thanks in advance :)</div><div style>Jules.</div><div><br></div></div></div></div>