Hi,
I am a complete newbie with radius. I need to configure this for use with a PPTP VPN. The end goal will be that radius is running on a fedora box, and authenticates against a SMBPASSWD file. PPTPd needs chap.
I used to run it againts smbpasswd, now I'm running against LDAP :-) samba and freeradius use the same password hashes. I can share configuration if You want.
but I am getting ahead of myself, irst I need to get a basic system working. I installed the freeradius rpm, and tried to configure some things:
file clients.conf: client 127.0.0.1 { secret = testing123 shortname = localhost nastype = other } client 192.168.1.0/24 { secret = testing123 shortname = localnet }
File naslist: localhost local other
File users: nothing changed, all seemed oke to me.
file radius.conf: cutted away some text unix { cache = no cache_reload = 600 passwd = /etc/passwd shadow = /etc/shadow group = /etc/group }
When I now start the daemon as root: # radiusd -sfxxyz -l stdout.
When I tried to test it from the console again: radtest ramses "OfCourseThisShouldBeSomethingLessObvious" localhost 1 testing123 I see this at my console:
rad_recv: Access-Request packet from host 127.0.0.1:32769, id=122, length=58 User-Name = "ramses" User-Password = "OfCourseThisShouldBeSomethingLessObvious" NAS-IP-Address = 255.255.255.255 NAS-Port = 1 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: No '@' in User-Name = "ramses", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 0 users: Matched DEFAULT at 152 modcall[authorize]: module "files" returns ok for request 0 modcall: group authorize returns ok for request 0 rad_check_password: Found Auth-Type System auth: type "System" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 0 rlm_unix: [ramses]: invalid password modcall[authenticate]: module "unix" returns reject for request 0 modcall: group authenticate returns reject for request 0 auth: Failed to validate the user. Delaying request 0 for 1 seconds Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Sending Access-Reject of id 122 to 127.0.0.1:32769 Waking up in 4 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 122 with timestamp 42ca3387 Nothing to do. Sleeping until we see a request.
Ofcourse I tripple checked the typed in password, and I could find nothing wrong with that one.
Now I think all I can do is shoult: HELPPPPPPP adoes anyone have any ideas?
kind regards,
Ramses - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html