I configured freeradius on a Fedora Core 6 machine to use PAP against a cisco switch radtest on localhost is successfully. I think radiusd.conf users and clients.conf files are ok
From the cisco device after I insert user and password telnetting to it I got:
% Backup authentication 000206: Apr 5 12:42:29: %RADIUS-4-RADIUS_DEAD: RADIUS server 172.25.110.8:1645, 1646 is not responding. 000207: Apr 5 12:42:29: %RADIUS-4-RADIUS_ALIVE: RADIUS server 172.25.110.8:1645 ,1646 has returned. the cisco device won't let me log in... 172.25.110.8 is the right IP of the freeradius And this is the freeradius server log: rad_recv: Access-Request packet from host 172.25.110.109:21645, id=37, length=77 NAS-IP-Address = 172.25.110.109 NAS-Port = 2 NAS-Port-Type = Virtual User-Name = "test" Calling-Station-Id = "172.25.120.40" User-Password = "test" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: No '@' in User-Name = "test", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 0 users: Matched entry DEFAULT at line 152 users: Matched entry test at line 218 modcall[authorize]: module "files" returns ok for request 0 modcall: leaving group authorize (returns ok) for request 0 rad_check_password: Found Auth-Type Local auth: type Local auth: user supplied User-Password matches local User-Password Sending Access-Accept of id 37 to 172.25.110.109 port 21645 Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... rad_recv: Access-Request packet from host 172.25.110.109:21645, id=37, length=77 Sending duplicate reply to client SW-DATA-1:21645 - ID: 37 Re-sending Access-Accept of id 37 to 172.25.110.109 port 21645 --- Walking the entire request list --- Cleaning up request 0 ID 37 with timestamp 4614ef14 Nothing to do. Sleeping until we see a request. rad_recv: Access-Request packet from host 172.25.110.109:21645, id=37, length=77 NAS-IP-Address = 172.25.110.109 NAS-Port = 2 NAS-Port-Type = Virtual User-Name = "test" Calling-Station-Id = "172.25.120.40" User-Password = "test" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 1 modcall[authorize]: module "preprocess" returns ok for request 1 modcall[authorize]: module "chap" returns noop for request 1 modcall[authorize]: module "mschap" returns noop for request 1 rlm_realm: No '@' in User-Name = "test", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 1 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 1 users: Matched entry DEFAULT at line 152 users: Matched entry test at line 218 modcall[authorize]: module "files" returns ok for request 1 modcall: leaving group authorize (returns ok) for request 1 rad_check_password: Found Auth-Type Local auth: type Local auth: user supplied User-Password matches local User-Password Sending Access-Accept of id 37 to 172.25.110.109 port 21645 Finished request 1 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... rad_recv: Access-Request packet from host 172.25.110.109:21645, id=37, length=77 Sending duplicate reply to client SW-DATA-1:21645 - ID: 37 Re-sending Access-Accept of id 37 to 172.25.110.109 port 21645 --- Walking the entire request list --- Cleaning up request 1 ID 37 with timestamp 4614ef1f Nothing to do. Sleeping until we see a request. I can't figure out what's wrong... It's seems that something missing on the cisco side Is right that radius send back Access-Accept on port 21645? Thanks in advance