On Fri, May 03, 2013 at 09:19:40PM +0800, Prashant Abhang wrote:
I faced the same issue. I am using sql for storing user password. For solving issue I changed the password type from 'Cleartext-Password' to User-Password and it worked for me.
But as you said, there is no difference and User-Password is deprecated. So what would be the reason for the above issue?
radiusd -X? If you're using a password with a header (e.g. "{SHA1}...") then you should use Password-With-Header instead of Cleartext-Password. Otherwise it should work. See rlm_pap(5). Without full debug logs, it's impossible to tell much more. Matthew
________________________________ From: Matthew Newton <mcn4@leicester.ac.uk> To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Sent: Friday, 3 May 2013 6:21 PM Subject: Re: Proxy Treatment of PAP/Chap Auth Types
On Fri, May 03, 2013 at 04:46:27AM +0200, James T Mugauri wrote:
attributes so: radtest -t <type> iS_u2h4gna a2uwv localhost 1812 ... [chap] login attempt by "iS_u2h4gna" with CHAP password [chap] Using clear text password "uz3f9" for user iS_u2h4gna authentication. [chap] Password check failed ... +- entering group PAP {...} [pap] login attempt with password "a2uwv" [pap] Using clear text password "uz3f9" [pap] Passwords don't match
Have you tried testing it with the right password?
Otherwise, you should post the *full* output of radiusd -X for the startup and test request going through both servers so we can see what's happening. A small section doesn't help much.
You should use Cleartext-Password in place of User-Password in the config. There is no difference, and User-Password is deprecated and going away in 3.0.
Matthew
-- Matthew Newton, Ph.D. <mcn4@le.ac.uk> Systems Specialist, Infrastructure Services, I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom For IT help contact helpdesk extn. 2253, <ithelp@le.ac.uk>