Good morning, I have a serious problem, see if you can help. It just can not authenticate any user. The throwing error is: WARNING: Please update your configuration, and remove 'Auth-Type = Local' WARNING: Use the PAP or CHAP modules instead. User-Password in the request does NOT match "known good" password. Failed to authenticate the user. WARNING: unprintable characters in the password. Double-check the shared secret on the server and the NAS! Working with a database mysql + freeradius + chillispot. I show the output of freeradius-X Module: Linked to rlm_files module Module: instantiating files (files usersfile = "/ etc / freeradius / users" acctusersfile = "/ etc / freeradius / acct_users" preproxy_usersfile = "/ etc / freeradius / preproxy_users" compat = "no" ) Module: Checking session {...} for more modules to load Module: Linked to module rlm_radutmp Module: instantiating radutmp (radutmp filename = "/ var / log / freeradius / radutmp" username = "% (User-Name)" case_sensitive = yes check_with_nas = yes perm = 384 callerid = yes ) Module: Checking post-proxy {...} for more modules to load Module: Checking post-auth {...} for more modules to load Module: Linked to module rlm_attr_filter Module: instantiating attr_filter.access_reject (attr_filter.access_reject attr_filter attrsfile = "/ etc / freeradius / attrs.access_reject" key = "% (User-Name)" ) ) # Modules # Server) server ( (modules Module: Checking authenticate {...} for more modules to load Module: Checking Authorize {...} for more modules to load Module: Linked to module rlm_preprocess Module: instantiating Preprocess (Preprocess huntgroups = "/ etc / freeradius / huntgroups" hints = "/ etc / freeradius / hints" with_ascend_hack = no ascend_channels_per_line = 23 with_ntdomain_hack = no with_specialix_jetstream_hack = no with_cisco_vsa_hack = no with_alvarion_vsa_hack = no ) Module: Linked to module rlm_sql Module: sql instantiating (sql driver = "rlm_sql_mysql" server = "localhost" port = "" login = "radius" password = "radpass" radius_db = "radius" read_groups = yes sqltrace = no sqltracefile = "/ var / log / freeradius / sqltrace.sql" readclients = no deletestalesessions = yes num_sql_socks = 5 lifetime = 0 max_queries = 0 sql_user_name = "% (User-Name)" default_user_profile = "" nas_query = "SELECT id, nasname, shortname, type, secret FROM nas" authorize_check_query = "SELECT id, username, attribute, value, op FROM radcheck WHERE username = '% (SQL-User-Name)' ORDER BY id" authorize_reply_query = "SELECT id, username, attribute, value, op FROM radreply WHERE username = '% (SQL-User-Name)' ORDER BY id" authorize_group_check_query = "SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '% (Sql-Group)' ORDER BY id" authorize_group_reply_query = "SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '% (Sql-Group)' ORDER BY id" accounting_onoff_query = "UPDATE SET radacct acctstoptime = '% S', acctsessiontime = UNIX_TIMESTAMP ('% S') - UNIX_TIMESTAMP (acctstarttime) acctterminatecause = '% (Acct-Terminate-Cause)', acctstopdelay =% (% (Acct-Delay -Time): -0) WHERE IS NULL AND acctstoptime nasipaddress = '% (NAS-IP-Address)' AND acctstarttime <= '% S' " accounting_update_query = "UPDATE SET radacct framedipaddress = '% (Framed-IP-Address)', acctsessiontime = '% (Acct-Session-Time)', acctinputoctets ='%{%{ Acct-Input-Gigawords): -0) ' <<32 |'%{%{ Acct-Input-Octets): -0) ', acctoutputoctets ='%{%{ Acct-Output-Gigawords): -0)' <<32 | Acct-'%{%{ Output-Octets): -0) 'WHERE acctsessionid ='% (Acct-Session-Id) 'AND username = "% (SQL-User-Name)' AND nasipaddress = '% (NAS-IP-address)'" accounting_update_query_alt = "INSERT INTO radacct (acctsessionid, acctuniqueid, username, realm, nasipaddress, nasportid, nasporttype, acctstarttime, acctsessiontime, acctauthentic, connectinfo_start, acctinputoctets, acctoutputoctets, calledstationid, callingstationid, ServiceType, framedprotocol, framedipaddress, acctstartdelay, xascendsessionsvrkey) VALUES (' % (Acct-Session-Id) ','% (Acct-Unique-Session-Id) ','% (SQL-User-Name) ','% (Realm) ','% (NAS-IP-Address) ','% (NAS-Port) ','% (NAS-Port-Type) ', DATE_SUB ('% S ', INTERVAL (%{%{ Acct-Session-Time): -0) +% (% ( Acct-Delay-Time): -0)) SECOND), '% (Acct-Session-Time)', '% (Acct-Authentic)','','%{%{ Acct-Input-Gigawords): - 0) '<<32 |'%{%{ Acct-Input-Octets): -0)', Acct-Output-'%{%{ Gigawords): -0) '<<32 |'%{%{ Acct -Output-Octets): -0) ','% (Called-Station-Id) ','% (Calling-Station-Id) ','% (Service-Type) ','% (Framed-Protocol) ' , '% (Framed-IP-Address)', '0 ','% (X-Ascend-Session-Svr-Key) ') " accounting_start_query = "INSERT INTO radacct (acctsessionid, acctuniqueid, username, realm, nasipaddress, nasportid, nasporttype, acctstarttime, acctstoptime, acctsessiontime, acctauthentic, connectinfo_start, connectinfo_stop, acctinputoctets, acctoutputoctets, calledstationid, callingstationid, acctterminatecause, ServiceType, framedprotocol, framedipaddress, acctstartdelay , acctstopdelay, xascendsessionsvrkey) VALUES ('% (Acct-Session-Id)', '% (Acct-Unique-Session-Id)', '% (SQL-User-Name)', '% (Realm)', ' % (the NAS-IP-Address) ', the NAS-Port% ()', (% Nas-Port-Type) ', "% S', NULL, '0 'for'% (Acct-Authentic) ', '% (Connect-Info) ",'', '0', '0 ','% (Called-Station-Id) ','% (Calling" Station-Id) ','','% (Service- Type) ','% (Framed-Protocol) ','% (Framed-IP-Address) ','%{%{ Acct-Delay-Time): -0)', '0 ','% (X- Ascend-Session-Svr-Key) ') " accounting_start_query_alt = "UPDATE SET radacct acctstarttime = '% S', acctstartdelay ='%{%{ Acct-Delay-Time): -0) ', connectinfo_start ='% (Connect-Info) 'WHERE acctsessionid ='% (Acct- Session-Id) 'AND username ='% (SQL-User-Name) 'AND nasipaddress ='% (NAS-IP-Address) '" accounting_stop_query = "UPDATE SET radacct acctstoptime = '% S', acctsessiontime = '% (Acct-Session-Time)', acctinputoctets ='%{%{ Acct-Input-Gigawords): -0) '<<32 |'% (% (Acct-Input-Octets): -0) ', acctoutputoctets ='%{%{ Acct-Output-Gigawords): -0)' <<32 |'%{%{ Acct-Output-Octets): - 0) ', acctterminatecause ='% (Acct-Terminate-Cause) ', acctstopdelay ='%{%{ Acct-Delay-Time): -0)', connectinfo_stop = '% (Connect-Info)' WHERE acctsessionid = ' % (Acct-Session-Id) 'AND username ='% (SQL-User-Name) 'AND nasipaddress ='% (NAS-IP-Address) '" accounting_stop_query_alt = "INSERT INTO radacct (acctsessionid, acctuniqueid, username, realm, nasipaddress, nasportid, nasporttype, acctstarttime, acctstoptime, acctsessiontime, acctauthentic, connectinfo_start, connectinfo_stop, acctinputoctets, acctoutputoctets, calledstationid, callingstationid, acctterminatecause, ServiceType, framedprotocol, framedipaddress, acctstartdelay , acctstopdelay) VALUES ('% (Acct-Session-Id)', '% (Acct-Unique-Session-Id)', '% (SQL-User-Name)', '% (Realm)', '% ( NAS-IP-Address) ','% (NAS-Port) ','% (NAS-Port-Type) ', DATE_SUB ('% S ', INTERVAL (%{%{ Acct-Session-Time): -0 (%) +% (Acct-Delay-Time): -0)) SECOND), '% S', '% (Acct-Session-Time)', '% (Acct-Authentic)','', '% (Connect-Info) ','%{%{ Acct-Input-Gigawords): -0)' <<32 |'%{%{ Acct-Input-Octets): -0) ', Acct'%{%{ -Output-Gigawords): -0) '<<32 |'%{%{ Acct-Output-Octets): -0)', '% (Called-Station-Id)', '% (Calling-Station-Id ) ','% (Acct-Terminate-Cause) ','% (Service-Type) ','% (Framed-Protocol) ','% (Framed-IP-Address) ', '0', '% ( % (Acct-Delay-Time): -0) ') " group_membership_query = "SELECT groupname FROM radusergroup WHERE username = '% (SQL-User-Name)' ORDER BY priority" connect_failure_retry_delay = 60 simul_count_query = "" simul_verify_query = "SELECT radacctid, acctsessionid, username, nasipaddress, nasportid, framedipaddress, callingstationid, framedprotocol radacct FROM WHERE username = '% (SQL-User-Name)' AND acctstoptime IS NULL" postauth_query = "INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ('% (User-Name)', User-Password'%{%{ }:-%{ Chap-Password)) ','% (reply :) Packet-Type ','% S ') " safe-characters = "@ abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /" ) rlm_sql (sql): Driver rlm_sql_mysql (rlm_sql_mysql module) loaded and linked rlm_sql (sql): Attempting to connect to radius @ localhost: / radius rlm_sql (sql): starting 0 rlm_sql (sql): Attempting to connect rlm_sql_mysql # 0 rlm_sql_mysql: Starting connect to MySQL server for # 0 rlm_sql (sql): Connected new DB handle, # 0 rlm_sql (sql): starting 1 rlm_sql (sql): Attempting to connect rlm_sql_mysql # 1 rlm_sql_mysql: Starting connect to MySQL server for # 1 rlm_sql (sql): Connected new DB handle, # 1 rlm_sql (sql): starting 2 rlm_sql (sql): Attempting to connect rlm_sql_mysql # 2 rlm_sql_mysql: Starting connect to MySQL server for # 2 rlm_sql (sql): Connected new DB handle, # 2 rlm_sql (sql): starting 3 rlm_sql (sql): Attempting to connect rlm_sql_mysql # 3 rlm_sql_mysql: Starting connect to MySQL server for # 3 rlm_sql (sql): Connected new DB handle, # 3 rlm_sql (sql): starting 4 rlm_sql (sql): Attempting to connect rlm_sql_mysql # 4 rlm_sql_mysql: Starting connect to MySQL server for # 4 rlm_sql (sql): Connected new DB handle, # 4 Module: Checking preacct {...} for more modules to load Module: Linked to module rlm_acct_unique Module: instantiating acct_unique (acct_unique key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port" ) Module: Checking accounting {...} for more modules to load Module: Linked to module rlm_detail Module: instantiating detail (detail detailfile = "/ var / log / freeradius / radacct /% (Client-IP-Address) / detail-% Y% m% d" header = "% t" detailperm = 384 dirperm = 493 locking = no log_packet_header = no ) Module: instantiating attr_filter.accounting_response (attr_filter.accounting_response attr_filter attrsfile = "/ etc / freeradius / attrs.accounting_response" key = "% (User-Name)" ) Module: Checking session {...} for more modules to load Module: Checking post-proxy {...} for more modules file to load Module: Checking post-auth {...} for more modules to load ) # Modules # Server) radiusd: # # # # Opening IP addresses and Ports # # # # list ( type = "auth" ipaddr = * port = 0 ) listen ( type = "acct" ipaddr = * port = 0 ) Listening on authentication address * port 1812 Listening on accounting address * port 1813 Listening on proxy address * port 1814 Ready to process requests. rad_recv: Access-Request packet from host 81.39.156.140 port 56 066, id = 0, length = 193 User-Name = "george" User-Password = "L] \ 357DK \ 027 \ 304 \ 033 \ 376Hx. \ 342Ö \ 336" NAS-IP-Address = 0.0.0.0 Service-Type = Login-User Framed-IP-Address = 172.30.0.2 Calling-Station-Id = "00-26-B6-21-00-B6" Called-Station-Id = "00-15-6D-EA-2A-64" NAS-Identifier = "nas01" Acct-Session-Id = "4a22752700000000" NAS-Port-Type = Wireless-802.11 NAS-Port = 0 Message-Authenticator = 0xcb69aaaeb72f21b84a10ffcda684fc8d WISPr-Logoff-URL = "http://172.30.0.1:3990/logoff" + - Authorize Entering group {...} + + [Preprocess] returns ok + + [Chap] returns noop + + [MSCHAP] returns noop [Suffix] No '@' in User-Name = "george", looking up realm NULL [Suffix] No such realm "NULL" + + [Suffix] returns noop [Eap] No EAP-Message, Not doing EAP + + [Eap] returns noop + + [Unix] returns notfound [Sql] expand:% (User-Name) -> jorge [Sql] sql_set_user escaped user -> 'jorge' rlm_sql (sql): Reserving sql socket id: 4 [Sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '% (SQL-User-Name)' ORDER BY id -> SELECT id, username, attribute, value, op FROM WHERE username = radcheck 'jorge' ORDER BY id [Sql] User radcheck found in table [Sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '% (SQL-User-Name)' ORDER BY id -> SELECT id, username, attribute, value, op FROM WHERE username = radreply 'jorge' ORDER BY id [Sql] expand: SELECT groupname FROM radusergroup WHERE username = '% (SQL-User-Name)' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'jorge' ORDER BY priority rlm_sql (sql): Released sql socket id: 4 + + [Sql] returns ok + + [Expiration] returns noop + + [Logintime] returns noop WARNING: Please update your configuration, and remove 'Auth-Type = Local' WARNING: Use the PAP or CHAP modules instead. User-Password in the request does NOT match "known good" password. Failed to authenticate the user. WARNING: unprintable characters in the password. Double-check the shared secret on the server and the NAS! Using Post-Auth-Type Reject + - Entering group REJECT {...} [Attr_filter.access_reject] expand:% (User-Name) -> jorge attr_filter: Matched entry DEFAULT at line 11 + + [Attr_filter.access_reject] returns updated Delaying reject of request 0 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 0 Sending Access-Reject of id 0 to 81.39.156.140 port 56 066 Waking up in 4.9 seconds. Cleaning up request 0 ID 0 with timestamp +10 Ready to process requests. When I try to authenticate displays the following output: rad_recv: Access-Request packet from host 81.39.156.140 port 56 607, id = 0, length = 193 User-Name = "steve" User-Password = "\ 227 \ 260 \ 342 \ 242R $, \ 274 \ 204 \ 270 \ 265 \ 035 <\ 217X \ 313" NAS-IP-Address = 0.0.0.0 Service-Type = Login-User Framed-IP-Address = 172.30.0.2 Calling-Station-Id = "00-26-B6-21-00-B6" Called-Station-Id = "00-15-6D-EA-2A-64" NAS-Identifier = "nas01" Acct-Session-Id = "4a22752700000000" NAS-Port-Type = Wireless-802.11 NAS-Port = 0 Message-Authenticator = 0x5024856015aed1488bc5a5ab81f96a7e WISPr-Logoff-URL = "http://172.30.0.1:3990/logoff" + - Authorize Entering group {...} & + [Preprocess] returns ok + + [Chap] returns noop & + [MSCHAP] returns noop [Suffix] No '@' in User-Name = "steve", looking up realm NULL [Suffix] No such realm "NULL" + + [Suffix] returns noop [Eap] No EAP-Message, Not doing EAP + + [Eap] returns noop + + [Unix] returns notfound [Sql] expand:% (User-Name) -> steve [Sql] sql_set_user escaped user -> 'steve' rlm_sql (sql): Reserving sql socket id: 3 [Sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '% (SQL-User-Name)' ORDER BY id -> SELECT id, username, attribute, value, op FROM WHERE username = radcheck 'steve' ORDER BY id [Sql] expand: SELECT groupname FROM radusergroup WHERE username = '% (SQL-User-Name)' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'steve' ORDER BY priority rlm_sql (sql): Released sql socket id: 3 [Sql] User not found steve + + [Sql] returns notfound + + [Expiration] returns noop + + [Logintime] returns noop No authenticate method (Auth-Type) configuration found for the request: Rejecting the user Failed to authenticate the user. WARNING: unprintable characters in the password. Double-check the shared secret on the server and the NAS! Using Post-Auth-Type Reject + - Entering group REJECT {...} [Attr_filter.access_reject] expand:% (User-Name) - steve attr_filter: Matched entry DEFAULT at line 11 & & [Attr_filter.access_reject] returns updated Delaying reject of request 1 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 1 Sending Access-Reject of id 0 to 81.39.156.140 port 56 607 Waking up in 4.9 seconds. Cleaning up request 1 ID 0 with timestamp +515 Ready to process requests. Thank you very much ;) -- View this message in context: http://old.nabble.com/Freeradius%2Bmysql%2Bchillispot-tp29149021p29149021.ht... Sent from the FreeRadius - User mailing list archive at Nabble.com.