Jonas Fornander wrote:
[jonas] Below is the whole log for that connection attempt.
You either edited the debug log, or you edited the default configuration, and broke it. Don't do that. [jonas] I have not edited any configuration. I apologize if the debug log was edited. There should be a LOT more modules being run in the "authorize" section. One of them reads the "users" file. If you don't know what the authorize section does, don't edit it. You will break the server. [jonas] Here is the first connection request in the debug log. I have not done any edits to any configurations. I have just added clients to the clients.conf - I got the list from the vendor - and a user to the users file. That's it. Ready to process requests. rad_recv: Access-Request packet from host 64.105.132.249 port 1814, id=253, length=294 User-Name = "3108396020@netwood.net" CHAP-Password = 0x01365cef3e4c1cd1ea35f46d6535a9b23a CHAP-Challenge = 0xca4519d4ab276a48e4973b5b00dc43d6 Service-Type = Framed-User Framed-Protocol = PPP NAS-Identifier = "lsanca54-seb3" NAS-Port = 67371072 NAS-Real-Port = 1140850918 NAS-Port-Type = Virtual NAS-Port-Id = "4/4 vpi-vci 0 230 pppoe 343" Medium-Type = DSL Mac-Addr = "58-6d-8f-3e-7e-40" Connect-Info = "covad" Platform-Type = SmartEdge-800 OS-Version = "6.1.5.6" Acct-Session-Id = "0303003F28004E4F-502C6F25" Framed-IP-Address = 68.167.6.182 NAS-IP-Address = 66.166.60.137 Message-Authenticator = 0x1bf354e361c1dbfcefffeffac95d98e2 Proxy-State = 0x313838 # Executing section authorize from file /etc/freeradius/sites-enabled/default +- entering group authorize {...} ++[preprocess] returns ok [chap] Setting 'Auth-Type := CHAP' ++[chap] returns ok ++[mschap] returns noop ++[digest] returns noop [suffix] Looking up realm "netwood.net" for User-Name = "3108396020@netwood.net" [suffix] No such realm "netwood.net" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop [files] users: Matched entry DEFAULT at line 172 ++[files] returns ok ++[expiration] returns noop ++[logintime] returns noop [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop Found Auth-Type = CHAP # Executing group from file /etc/freeradius/sites-enabled/default +- entering group CHAP {...} [chap] login attempt by "3108396020@netwood.net" with CHAP password [chap] Cleartext-Password is required for authentication ++[chap] returns invalid Failed to authenticate the user. Login incorrect (rlm_chap: Clear text password not available): [3108396020@netwood.net/<CHAP-Password>] (from client LosAngeles port 67371072) Using Post-Auth-Type Reject # Executing group from file /etc/freeradius/sites-enabled/default +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} -> 3108396020@netwood.net attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 0 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 0 Sending Access-Reject of id 253 to 64.105.132.249 port 1814 Proxy-State = 0x313838 Waking up in 4.9 seconds. Cleaning up request 0 ID 253 with timestamp +9726 Ready to process requests. //jonas