I just use enter after my shared secret. Any suggestions ? On Thu, Apr 11, 2013 at 4:17 PM, Matthias Nagel <matthias.h.nagel@gmail.com>wrote:
Hello,
Am Donnerstag 11 April 2013, 16:07:08 schrieb Iftakhul Anwar:
Hi Matthias,
I don't use " " on my squid_rad_auth.conf
I know, that is the reason why I asked you to check for non-printable characters AFTER your shared secret.
No space on my scret.
And what is between the last printable character of your secret and the new line?
Matthias
This is my squid_rad_auth.conf
server 192.168.2.3 secret testing123
On my radcheck, i also using Cleartext-Password on my racheck table
Any another clue ?
Thanks
On Thu, Apr 11, 2013 at 3:59 PM, Matthias Nagel <matthias.h.nagel@gmail.com>wrote:
Hello,
did you do what the warning says and double checked the shared secret?
As far as I see the squid_rad_auth.conf does not use quotation marks ("") to delimit the shared secret. Hence, perhaps you have trailing white spaces or something like that at the end of the line. Delete the line "secret" in squid_rad_auth.conf and type it again. I really mean to delete it in order to get rid of unprintable characters you might not see.
Matthias
Am Donnerstag 11 April 2013, 15:47:33 schrieb Iftakhul Anwar:
Hi All,
I have successfully configure freeradius with mysql. i can radtest using command :
sudo radtest alice password 192.168.2.3 1812 testing123 Sending Access-Request of id 187 to 192.168.2.3 port 1812 User-Name = "alice" User-Password = "password" NAS-IP-Address = 127.0.1.1 NAS-Port = 1812 Message-Authenticator = 0x00000000000000000000000000000000
rad_recv: Access-Accept packet from host 192.168.2.3 port 1812, id=187, length=20
Now i try squid using radius authentication.
i followed step by step from :
http://safesrv.net/setup-squid-and-freeradius-on-centos-5/#comment-1043
But i got error message log on cache.log
Warning: Received invalid reply digest from server Warning: Received invalid reply digest from server Warning: Received invalid reply digest from server squid_rad_auth: No response from RADIUS server
On radius -X debug there is error message like bellow :
Sending duplicate reply to client localprivate port 42003 – ID: 2 Sending Access-Reject of id 2 to 192.168.2.3 port 42003 Waking up in 2.9 seconds. rad_recv: Access-Request packet from host 192.168.2.3 port 42003, id=2, length=63 Sending duplicate reply to client localprivate port 42003 – ID: 2 Sending Access-Reject of id 2 to 192.168.2.3 port 42003 Waking up in 0.9 seconds. Found Auth-Type = PAP # Executing group from file
/usr/local/etc/raddb/sites-enabled/default
+- entering group PAP {…} [pap] login attempt with password “b9?I? +�(�Ч�Y�?” [pap] Using clear text password “password” [pap] Passwords don’t match ++[pap] returns reject Failed to authenticate the user. WARNING: Unprintable characters in the password. Double-check the shared secret on the server and the NAS! Using Post-Auth-Type REJECT
What is that error ? How i can solve this
Thanks
---------------------------------------------------------------------- Matthias Nagel Willy-Andreas-Allee 1, Zimmer 506 76131 Karlsruhe
Telefon: +49-721-8695-1506 Mobil: +49-151-15998774 e-Mail: matthias.h.nagel@gmail.com ICQ: 499797758 Skype: nagmat84
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
---------------------------------------------------------------------- Matthias Nagel Willy-Andreas-Allee 1, Zimmer 506 76131 Karlsruhe
Telefon: +49-721-8695-1506 Mobil: +49-151-15998774 e-Mail: matthias.h.nagel@gmail.com ICQ: 499797758 Skype: nagmat84
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- *M.Iftakhul Anwar* Meruvian Integrator High Performance Computing / Cloud Computing (HPC/CC) Office Phone : 021-93586577 Mobile Phone : 085215331477 Blog : http://blog.mervpolis.com/roller/anwar FB : http://www.facebook.com/troya.adromeda Website : www.meruvian.org