On Wed, Dec 28, 2011 at 7:22 PM, Koenraad Lelong <radius01@de-brouwerij.be> wrote:
When I try via wifi using a user in the users-file, that user is accepted, a user in the mysql database is rejected.
When I try the "mysql-user" with radtest, the user is authenticated :
# radtest mtester1 mtester1 localhost 0 testing123 Sending Access-Request of id 56 to 127.0.0.1 port 1812 User-Name = "mtester1" User-Password = "mtester1" NAS-IP-Address = 127.0.1.1 NAS-Port = 0 Message-Authenticator = 0x00000000000000000000000000000000 rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=56, length=20
with default settings, radtest will use pap
rad_recv: Access-Request packet from host 192.168.185.14 port 1027, id=0, length=156 User-Name = "mtester1" NAS-IP-Address = 192.168.185.14 NAS-Port = 0 Called-Station-Id = "06-18-E7-D4-37-D0:Isengard" Calling-Station-Id = "18-87-96-5A-25-C6" Framed-MTU = 1400 NAS-Port-Type = Wireless-802.11 Connect-Info = "CONNECT 0Mbps 802.11" EAP-Message = 0x0200000d016d74657374657231
... while your wifi user uses EAP.
server inner-tunnel { # Executing section authorize from file /etc/freeradius/sites-enabled/inner-tunnel
see that config file?
+- entering group authorize {...} ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "mtester1", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop ++[control] returns noop [eap] EAP packet type response id 6 length 67 [eap] No EAP Start, assuming it's an on-going EAP conversation ++[eap] returns updated ++[files] returns noop ++[expiration] returns noop ++[logintime] returns noop ++[pap] returns noop
sql module is not configure on authorize section in that file. Fix it. -- Fajar