This is what the freeradius debug looks like when i try to authenticate a user who is not valid. I dont get an Access-Reject. But for valid users the function works fine. radius_xlat: 'SELECT id,username,attribute,value,op FROM tryagain('7140949870','0000') ????as (id integer,username varchar,attribute varchar,value varchar,op character)' rlm_sql (sql): Reserving sql socket id: 1 rlm_sql_postgresql: query: SELECT id,username,attribute,value,op FROM tryagain('7140949870','0000') ????as (id integer,username varchar,attribute varchar,value varchar,op character) rlm_sql_postgresql: Status: PGRES_TUPLES_OK rlm_sql_postgresql: affected rows = rlm_sql: The 'Attribute' field is empty or NULL, skipping the entire row. rlm_sql (sql): Error getting data from database rlm_sql (sql): SQL query error; rejecting user rlm_sql (sql): Released sql socket id: 1 modcall[authorize]: module "sql" returns fail for request 3 modcall: leaving group authorize (returns fail) for request 3 Finished request 3 On Mon, Oct 18, 2010 at 5:41 PM, Alan Buxey <A.L.M.Buxey@lboro.ac.uk> wrote:
Hi,
If i try to authenticate a user who is not valid i do not get an Access-Reject but rather i get RADIUS: Retransmit to ([1]192.168.1.12:1812,1813) for id 1645/201 RADIUS: Retransmit to ([2]192.168.1.12:1812,1813) for id 1645/201 RADIUS: Retransmit to ([3]192.168.1.12:1812,1813) for id 1645/201 RADIUS: No response from ([4]192.168.1.12:1812,1813) for id 1645/201 RADIUS/DECODE: No response from radius-server; parse response; FAIL RADIUS/DECODE: Case error(no response/ bad packet/ op decode);parse response; FAIL
its falling through to sending it off to another server/process - what is 192.168.1.12 - check your proxy.conf - and look at the full debug output of 'radiusd -X' (which you seem to be trying to summarise) - it'll tell you why its doing what it does
alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html