Hello, The way you described is the way I did, exactly like the wiki. And I know what is the problem, what I cannot find is the way to solve it. BR Sent from my Huawei Mobile -------- Original Message -------- Subject: Re: right tutorial From: Uchenna Nebedum To: FreeRadius users mailing list CC: Hi Javier, I'm a new user but from your debug output i think this is the problem : WARNING: No "known good" password found for the user. Not setting Auth -Type (0) pap: WARNING: Authentication will fail unless a "known good" password is ava ilable How did you insert the user into radcheck. To insert password the sql statement is Insert into radcheck (username, attribute, value, op) values('test', 'Cleartext-Password', 'test', ':='); something of the sort. hope it helps. On Sun, Jun 24, 2018, 14:57 Javier Escalante wrote: > Hello, > > Sorry guys, based on the answers of Alan, I might be stupid...I'll explain > another time and I hope this time I get some help: > > 1. I installed a fresh server (I have my all server already configured and > working since 4 years) > 2. I installed freeradius 3.0.16 and mysql. No errors during installation > 3. I tested with user and password in file, and it worked perfectly > 4. I tested by putting the user test with password test in radcheck and > the authentication failed as it is shown further down. > 5. I have searched in all kind of forums and obviously also in > www.freeradius.org. No solution yet. > 6. The sql seems to be working despite the include line is not uncommented > in radiusd.conf. Can somebody confirm? > > Can anybody give me a clue of how to solve this problem? > > Request: > > radtest test test localhost 10 1107 > > Freeradius debug output: > > Ready to process requests > (0) Received Access-Request Id 195 from 127.0.0.1:37474 to 127.0.0.1:1812 > length > 74 > (0) User-Name = "test" > (0) User-Password = "test" > (0) NAS-IP-Address = 5.135.246.127 > (0) NAS-Port = 10 > (0) Message-Authenticator = 0x05270c450007175556849d0b38cc7a27 > (0) # Executing section authorize from file > /etc/freeradius/3.0/sites-enabled/de > fault > (0) authorize { > (0) [preprocess] = ok > (0) [chap] = noop > (0) [mschap] = noop > (0) [digest] = noop > (0) suffix: Checking for suffix after "@" > (0) suffix: No '@' in User-Name = "test", looking up realm NULL > (0) suffix: No such realm "NULL" > (0) [suffix] = noop > (0) eap: No EAP-Message, not doing EAP > (0) [eap] = noop > (0) [files] = noop > (0) sql: EXPAND %{User-Name} > (0) sql: --> test > (0) sql: SQL-User-Name set to 'test' > rlm_sql (sql): Reserved connection (0) > (0) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck > WHERE us > ername = '%{SQL-User-Name}' ORDER BY id > (0) sql: --> SELECT id, username, attribute, value, op FROM radcheck > WHERE us > ername = 'test' ORDER BY id > (0) sql: Executing select query: SELECT id, username, attribute, value, op > FROM > radcheck WHERE username = 'test' ORDER BY id > (0) sql: EXPAND SELECT groupname FROM radusergroup WHERE username = > '%{SQL-User- > Name}' ORDER BY priority > (0) sql: --> SELECT groupname FROM radusergroup WHERE username = 'test' > ORDER > BY priority > (0) sql: Executing select query: SELECT groupname FROM radusergroup WHERE > userna > me = 'test' ORDER BY priority > (0) sql: User not found in any groups > rlm_sql (sql): Released connection (0) > Need 5 more connections to reach 10 spares > rlm_sql (sql): Opening additional connection (5), 1 of 27 pending slots > used > (0) [sql] = notfound > (0) [expiration] = noop > (0) [logintime] = noop > (0) pap: WARNING: No "known good" password found for the user. Not > setting Auth > -Type > (0) pap: WARNING: Authentication will fail unless a "known good" password > is ava > ilable > (0) [pap] = noop > (0) } # authorize = ok > (0) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type = > Reject > (0) Failed to authenticate the user > (0) Using Post-Auth-Type Reject > (0) # Executing group from file /etc/freeradius/3.0/sites-enabled/default > (0) Post-Auth-Type REJECT { > (0) sql: EXPAND .query > (0) sql: --> .query > (0) sql: Using query template 'query' > rlm_sql (sql): Reserved connection (1) > (0) sql: EXPAND %{User-Name} > (0) sql: --> test > (0) sql: SQL-User-Name set to 'test' > (0) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate) > VALUES > ( '%{SQL-User-Name}', > '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet- > > Type}', '%S') > (0) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate) > VALUES > ( 'test', 'test', 'Access-Reject', '2018-06-24 13:55:21') > (0) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, > authda > te) VALUES ( 'test', 'test', 'Access-Reject', '2018-06-24 > 13:55:21') > (0) sql: SQL query returned: success > (0) sql: 1 record(s) updated > rlm_sql (sql): Released connection (1) > (0) [sql] = ok > (0) attr_filter.access_reject: EXPAND %{User-Name} > (0) attr_filter.access_reject: --> test > (0) attr_filter.access_reject: Matched entry DEFAULT at line 11 > (0) [attr_filter.access_reject] = updated > (0) [eap] = noop > (0) policy remove_reply_message_if_eap { > (0) if (&reply:EAP-Message && &reply:Reply-Message) { > (0) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE > (0) else { > (0) [noop] = noop > (0) } # else = noop > (0) } # policy remove_reply_message_if_eap = noop > (0) } # Post-Auth-Type REJECT = updated > (0) Delaying response for 1.000000 seconds > Waking up in 0.3 seconds. > Waking up in 0.6 seconds. > (0) Sending delayed response > (0) Sent Access-Reject Id 195 from 127.0.0.1:1812 to 127.0.0.1:37474 > length 20 > Waking up in 3.9 seconds. > (0) Cleaning up request packet ID 195 with timestamp +2 > Ready to process requests > > Thanks in advance > > > BR > > > > > Javier Escalante > Business Development Manager > Javier.escalante@bwireless.eu > 00 34 626 785 675 > 00 34 93 141 56 36 > 00 41 78 689 85 69 > Skype: fruiz002 > Do you know our IoT solutions? Have a look here: www.bsmart.global > http://www.bwireless.eu > Le informamos que, de conformidad con la Ley Orgánica 15/1999, de 13 de > diciembre, de Protección de Datos de Carácter Personal, se informa que > todos los datos personales que nos ha facilitado serán incorporados y > tratados en los ficheros de B’W & TAKACS TELECOM, S.L. para las finalidades > de su e-mail. > Puede ejercer sus derechos de acceso, rectificación, cancelación y > oposición mediante una comunicación a B’W & TAKACS TELECOM, S.L. con > domicilio en Camil Oliveras, 26, 08032 Barcelona (España), o bien mediante > una comunicación a la dirección de correo electrónico info@bwireless.eu. > En ambos casos, deberá acompañar una copia de su documento nacional de > identidad o documento válido que lo identifique. > > > -----Original Message----- > From: Freeradius-Users [mailto:freeradius-users-bounces+javier.escalante= > bwireless.eu@lists.freeradius.org] On Behalf Of Alan Buxey > Sent: viernes, 22 de junio de 2018 20:06 > To: FreeRadius users mailing list > Subject: Re: right tutorial > > hi, > > Could somebody tell us which tutorial /wiki can we follow in order to > > properly configure freeradius 3.0.16? > > > > properly configure? you need to define what it is you are trying to do. > based on other replies there is history here that I havent seen (or > deleted amongst deluge of other posts) one persons requirement/use-case > rarely matches with another. > > take FreeRADIUS 3.0.16 - either built form source or via package. then > follow the guides (or read the docs in the config files themselves) as > required. > > DONT hack a load of the config around , start with basics (as per docs) > > > alan > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html