| thanks for the reply: well, i had tried other configuration for "users": bob Cleartext-Password = "bob" Juniper-Local-User-Name = "labrat" labrat is local login user id so that all of radius users will be mapped to that user. unfortunately, it is also failed though with no warning messages: rad_recv: Access-Request packet from host 192.168.255.138 port 55206, id=152, length=57 User-Name = "bob" User-Password = "bob" NAS-Identifier = "lab-r8" NAS-IP-Address = 150.150.0.1 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "bob", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[unix] returns notfound ++[files] returns noop ++[expiration] returns noop ++[logintime] returns noop [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop No authenticate method (Auth-Type) configuration found for the request: Rejecting the user Failed to authenticate the user. Using Post-Auth-Type Reject +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} -> bob attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 0 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 0 Sending Access-Reject of id 152 to 192.168.255.138 port 55206 Waking up in 4.9 seconds. rad_recv: Access-Request packet from host 192.168.255.138 port 55206, id=152, length=57 Sending duplicate reply to client r8 port 55206 - ID: 152 Sending Access-Reject of id 152 to 192.168.255.138 port 55206 Waking up in 2.9 seconds. Cleaning up request 0 ID 152 with timestamp +9 Ready to process requests. rad_recv: Access-Request packet from host 192.168.255.138 port 55206, id=152, length=57 User-Name = "bob" User-Password = "bob" NAS-Identifier = "lab-r8" NAS-IP-Address = 150.150.0.1 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "bob", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[unix] returns notfound ++[files] returns noop ++[expiration] returns noop ++[logintime] returns noop [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop No authenticate method (Auth-Type) configuration found for the request: Rejecting the user Failed to authenticate the user. Using Post-Auth-Type Reject +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} -> bob attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 1 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 1 Sending Access-Reject of id 152 to 192.168.255.138 port 55206 Waking up in 4.9 seconds. Cleaning up request 1 ID 152 with timestamp +15 Ready to process requests. --- On Sun, 9/19/10, Daniel Woodruffe <danny.woodruffe@yahoo.co.uk> wrote:
|