Where did you create the user and password cisco?

A copy of your users configuration file would be great

On Thu, Dec 10, 2009 at 12:05 PM, g <gerardocb@gmail.com> wrote:
Where did you create the user and password cisco?

A copy of your users configuration file would be great.


On Thu, Dec 10, 2009 at 11:03 AM, Alex Bahoor <alexbahoor@sbcglobal.net> wrote:

Alan,

Radius -X is always on, and I went through the clients.conf file. -X gives a lot information, since you asked here is my understanding. I'm not a programmer so some of them are cryptic to me. I put in comments to what I think they are, but they are only guesses. I would be very thankful if you can shed lights on them.

Also, there is file experimental.conf stated in eap.conf, but did not exist. It may have some useful information.

root@Crest raddb]# radtest cisco cisco 127.0.0.1 200 testing123

Sending Access-Request of id 187 to 127.0.0.1 port 1812

        User-Name = "cisco"

        User-Password = "cisco"

        NAS-IP-Address = 127.0.0.1

        NAS-Port = 200

rad_recv: Access-Request packet from host 127.0.0.1 port 43663, id=187, length=57

        User-Name = "cisco"

        User-Password = "cisco"

        NAS-IP-Address = 127.0.0.1

        NAS-Port = 200

+- entering group authorize {...}

++[preprocess] returns ok       ;what is preprocess and what does it do?

++[chap] returns noop   ;I can tell that chap was not selected as a protocol, right?

++[mschap] returns noop         ;as above

[suffix] No '@' in User-Name = "cisco", looking up realm NULL ;why @ is expected in a name or password?

[suffix] No such realm "NULL" ;what this mean?

++[suffix] returns noop

[eap] No EAP-Message, not doing EAP ;eap is not auth protocol.

++[eap] returns noop

++[unix] returns notfound       ;what is this?

++[files] returns noop          ?

++[expiration] returns noop     ?

++[logintime] returns noop      ?

[pap] WARNING! No "known good" password found for the user.  Authentication may fail because of this.   ;I do have a password (cisco).

++[pap] returns noop

No authenticate method (Auth-Type) configuration found for the request: Rejecting the user              ;this look like authentication protocol is a must before the process can work, however, eap.conf file is there and eap is uncommented out with its arguments. ?

Failed to authenticate the user.

Using Post-Auth-Type Reject

+- entering group REJECT {...}

[attr_filter.access_reject]     expand: %{User-Name} -> cisco

 attr_filter: Matched entry DEFAULT at line 11

++[attr_filter.access_reject] returns updated

Delaying reject of request 5 for 1 seconds

Going to the next request

Waking up in 0.9 seconds.

Sending delayed reject for request 5

Sending Access-Reject of id 187 to 127.0.0.1 port 43663

Waking up in 4.9 seconds.

rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=187, length=20

[root@Crest raddb]# Cleaning up request 5 ID 187 with timestamp +411

Ready to process requests.

Rgrds,

Alex

-----Original Message-----
From: freeradius-users-bounces+alexbahoor=sbcglobal.net@lists.freeradius.org [mailto:freeradius-users-bounces+alexbahoor=sbcglobal.net@lists.freeradius.org] On Behalf Of Alan Buxey
Sent: Thursday, December 10, 2009 2:07 AM
To: FreeRadius users mailing list
Subject: Re: Testing radius server

Hi,

> Now I know it's a config issue in the clients.conf, as radtest is failing. I

> set user name and password, but radius is sending a reject. This is the

> first time I'm using radius. So please bear with me. Can some one mail me

> example of the minimum required configuration that needed for the radius to

> work, no EAP or MSCAP ..etc.

hey, guess what - 'radiusd -X'  this will be far more useful than

throwing random recommendations to you.

have you followed basic guidance regarding hwo to use clients.conf

eg

testuser Cleartext-Password := "testpassword"


alan

-

List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

 

__________ Information from ESET NOD32 Antivirus, version of virus signature database 4674 (20091209) __________

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com

 

__________ Information from ESET NOD32 Antivirus, version of virus signature database 4676 (20091210) __________

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com

 

 

__________ Information from ESET NOD32 Antivirus, version of virus signature database 4676 (20091210) __________

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com

 


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html