Access Rejects and openSSL Problems (new install)
I just installed FreeRADIUS on Debian. However, I'm running into a couple problems. 1. I can't get localhost RADIUS test to work. The users file is almost at its default state except for the new user/pass I created: user1 Cleartext-Password := "password1" I keep getting access-rejects when testing user1/password1 on localhost, this is the debug: rad_recv: Access-Request packet from host 127.0.0.1 port 53121, id=109, length=57 User-Name = "user1" User-Password = "password1" NAS-IP-Address = 10.1.90.150 NAS-Port = 0 +- entering group authorize ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop rlm_realm: No '@' in User-Name = "user1", looking up realm NULL rlm_realm: No such realm "NULL" ++[suffix] returns noop rlm_eap: No EAP-Message, not doing EAP ++[eap] returns noop ++[unix] returns notfound ++[files] returns noop ++[expiration] returns noop ++[logintime] returns noop rlm_pap: WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user auth: Failed to validate the user. Login incorrect: [user1/password1] (from client localhost port 0) Found Post-Auth-Type Reject +- entering group REJECT expand: %{User-Name} -> user1 attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 0 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 0 Sending Access-Reject of id 109 to 127.0.0.1 port 53121 Any idea how to fix the bold part of the debug? 2. I see this error posted a quite often on the forums, but I can't get it to go away: rlm_eap: Ignoring EAP-Type/tls because we do not have OpenSSL support. rlm_eap: Ignoring EAP-Type/ttls because we do not have OpenSSL support. rlm_eap: Ignoring EAP-Type/peap because we do not have OpenSSL support. I've reinstalled debian and ran "apt-get install libssl-dev" before installing freeradius. It seems like the openssl lib is not being read... any help will be greatly appreciated! -- View this message in context: http://freeradius.1045715.n5.nabble.com/Access-Rejects-and-openSSL-Problems-... Sent from the FreeRadius - User mailing list archive at Nabble.com.
never mind about the first problem. I restarted the rad service and it magically started working... -- View this message in context: http://freeradius.1045715.n5.nabble.com/Access-Rejects-and-openSSL-Problems-... Sent from the FreeRadius - User mailing list archive at Nabble.com.
twobacons wrote:
2. I see this error posted a quite often on the forums, but I can't get it to go away:
rlm_eap: Ignoring EAP-Type/tls because we do not have OpenSSL support. rlm_eap: Ignoring EAP-Type/ttls because we do not have OpenSSL support. rlm_eap: Ignoring EAP-Type/peap because we do not have OpenSSL support.
I've reinstalled debian and ran "apt-get install libssl-dev" before installing freeradius. It seems like the openssl lib is not being read... any help will be greatly appreciated!
You are running an old version of the package. Upgrade to 2.1.10. Or, re-build the server from source. Alan DeKok.
participants (2)
-
Alan DeKok -
twobacons