Hi...guys... with the blow configuration .....in user file DEFAULT Ldap-Group == "cn=employees,ou=group,dc=ldap,dc=home,dc=com", Auth-Type := PAP Reply-Message = "You are Accepted" DEFAULT Auth-Type := Reject I test the radius access from command line , by entering wrong password [1] and correct password [2] .., in that case radius respond fine, Issue only occurs [3] when access via ubuntu machine (WPAsupplicant) ... eg -- 1) radtest username wrong-password 192.168.0.63 1812 testing123 Sending Access-Request of id 176 to 192.168.0.63 port 1812 User-Name = "dhanushkar@wso2.com" User-Password = "dcn05c4-128222" NAS-IP-Address = 192.168.0.60 NAS-Port = 1812 rad_recv: Access-Reject packet from host 192.168.0.63 port 1812, id=176, length=38 2) radtest username correct-password 192.168.0.63 1812 testing123 Sending Access-Request of id 167 to 192.168.0.63 port 1812 User-Name = "dhanushkar@wso2.com" User-Password = "dcn05c4-1282" NAS-IP-Address = 192.168.0.60 NAS-Port = 1812 rad_recv: Access-Accept packet from host 192.168.0.63 port 1812, id=167, length=38 3) # Executing group from file /etc/freeradius/sites-enabled/default Thu May 3 11:50:26 2012 : Info: +- entering group PAP {...} Thu May 3 11:50:26 2012 : Info: [pap] ERROR: You set 'Auth-Type = PAP' for a request that does not contain a User-Password attribute! Thu May 3 11:50:26 2012 : Info: ++[pap] returns invalid Thu May 3 11:50:26 2012 : Info: Failed to authenticate the user. Thank you Dhanushka On 4 May 2012 11:58, Fajar A. Nugraha <list@fajar.net> wrote:
On Fri, May 4, 2012 at 1:15 PM, dhanushka ranasinghe <parakrama1282@gmail.com> wrote:
Hi..
when i removed "Auth-Type := PAP" line radius not checking password , even when wrong password is used user get the authenticated.
What does the debug log say?
My guess is you have Auth-Type := Accept somewhere.
-- Fajar - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html