Hi,
Radius -X is always on, and I went through the clients.conf file. -X gives a lot information, since you asked here is my understanding. I'm not a programmer so some of them are cryptic to me. I put in comments to what I think they are, but they are only guesses. I would be very thankful if you can shed lights on them.
Also, there is file experimental.conf stated in eap.conf, but did not exist. It may have some useful information.
i think you need to start with the basics before you start playing with experimental features! ;-)
root@Crest raddb]# radtest cisco cisco 127.0.0.1 200 testing123
okay - very simple. we now look to see what happens....i've cut out the basic bits to answer your questions
++[preprocess] returns ok ;what is preprocess and what does it do?
Contains the functions for the "huntgroups" and "hints" - if you use those files then they'll seed the request so you can deal with it
++[chap] returns noop ;I can tell that chap was not selected as a protocol, right?
correct
++[mschap] returns noop ;as above
yep
[suffix] No '@' in User-Name = "cisco", looking up realm NULL ;why @ is expected in a name or password?
@ is not 'expected' - but if its present then the suffix module will do stuff.
[suffix] No such realm "NULL" ;what this mean?
exactly what it says - there wasnt a suffix, so the value is NULL but the suffix module found no NULL realm in your config
[eap] No EAP-Message, not doing EAP ;eap is not auth protocol.
correct - this isnt an EAP message
++[unix] returns notfound ;what is this?
unix passwd support. if you dont want to use /etc/passwd etc then comment 'unix' module out
++[files] returns noop ?
this is the big one - this is saying that files module found no information - this suggests that eg you dont have cisco Cleartext-Password := "cisco" in your users file. if you do then you are looking at the wrong users file - /etc/raddb/users or /usr/local/etc/raddb ?
++[expiration] returns noop ? ++[logintime] returns noop ?
2 modules that deal with exactly what they say - expiration and logintime - these are authorisation methods
[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ;I do have a password (cisco).
PAP could not find your configured user - it relies on at least one of the previous methods to get such a user!
No authenticate method (Auth-Type) configuration found for the request: Rejecting the user ;this look like authentication protocol is a must before the process can work, however, eap.conf file is there and eap is uncommented out with it’s arguments. ?
radtest doesnt do EAP you need to use one of the tests that does do EAP. anyway....I can safely state that if you install a fresh FreeRADIUS you should be able to add an example user to the users file (as I state above!) and do a radtest and test the whole thing within minutes. alan