ok, I think the server is reading files on the path: /usr/local/etc/ so, I modified the file /usr/local/etc/raddb/clients.conf by adding: client ipipgw { ipaddr = 192.168.6.201 secret = testing123 shortname = c3725 nastype = cisco login = user password = userpass } and this is the debug output: Ready to process requests. rad_recv: Access-Request packet from host 192.168.6.201 port 1645, id=4, length=84 User-Name = "thanh" User-Password = "-*\333\003D\215\345\\\302\036\251\320:\373ȇ" NAS-Port = 98 NAS-Port-Id = "tty98" NAS-Port-Type = Virtual Calling-Station-Id = "192.168.6.20" NAS-IP-Address = 192.168.6.201 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "thanh", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[unix] returns notfound ++[files] returns noop ++[expiration] returns noop ++[logintime] returns noop [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop No authenticate method (Auth-Type) configuration found for the request: Rejecting the user Failed to authenticate the user. WARNING: Unprintable characters in the password. Double-check the shared secret on the server and the NAS! Using Post-Auth-Type Reject +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} -> thanh attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 0 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 0 Sending Access-Reject of id 4 to 192.168.6.201 port 1645 Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 192.168.6.201 port 1645, id=4, length=84 Sending duplicate reply to client ipipgw port 1645 - ID: 4 Sending Access-Reject of id 4 to 192.168.6.201 port 1645 Waking up in 1.2 seconds. Cleaning up request 0 ID 4 with timestamp +52 Ready to process requests. rad_recv: Access-Request packet from host 192.168.6.201 port 1645, id=4, length=84 User-Name = "thanh" User-Password = "-*\333\003D\215\345\\\302\036\251\320:\373ȇ" NAS-Port = 98 NAS-Port-Id = "tty98" NAS-Port-Type = Virtual Calling-Station-Id = "192.168.6.20" NAS-IP-Address = 192.168.6.201 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "thanh", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[unix] returns notfound ++[files] returns noop ++[expiration] returns noop ++[logintime] returns noop [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop No authenticate method (Auth-Type) configuration found for the request: Rejecting the user Failed to authenticate the user. WARNING: Unprintable characters in the password. Double-check the shared secret on the server and the NAS! Using Post-Auth-Type Reject +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} -> thanh attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 1 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 1 Sending Access-Reject of id 4 to 192.168.6.201 port 1645 Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 192.168.6.201 port 1645, id=4, length=84 Sending duplicate reply to client ipipgw port 1645 - ID: 4 Sending Access-Reject of id 4 to 192.168.6.201 port 1645 Waking up in 1.2 seconds. Cleaning up request 1 ID 4 with timestamp +61 Ready to process requests. plz tell me how to solve this. thank you vrey much -
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- htt