I'm having a problem with FR2.1.10 and MD5 Passwords with MySQL. When I try to enable PAP I get the following: # Executing section authorize from file /etc/freeradius/sites-enabled/default +- entering group authorize {...} ++[preprocess] returns ok [chap] Setting 'Auth-Type := CHAP' ++[chap] returns ok ++[mschap] returns noop ++[digest] returns noop [suffix] No '@' in User-Name = "F0073402", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop [files] users: Matched entry DEFAULT at line 172 ++[files] returns ok [sql] expand: %{User-Name} -> F0073402 [...] rlm_sql (sql): Released sql socket id: 22 ++[sql] returns ok ++[expiration] returns noop ++[logintime] returns noop [pap] Normalizing MD5-Password from hex encoding [pap] WARNING: Auth-Type already set. Not setting to PAP ++[pap] returns noop the sites-enabled/default is: authorize { preprocess chap mschap digest suffix eap { ok = return } files sql expiration logintime pap noresetcounter dailycounter monthlycounter } authenticate { Auth-Type PAP { pap } Auth-Type CHAP { chap } Auth-Type MS-CHAP { mschap } digest unix eap } preacct { preprocess acct_unique suffix files } accounting { detail unix sql exec attr_filter.accounting_response } session { sql } post-auth { sql exec Post-Auth-Type REJECT { attr_filter.access_reject } } pre-proxy { } post-proxy { eap } What's wrong? :( thanks -- Lorenzo Milesi - lorenzo.milesi@yetopen.it GPG/PGP Key-Id: 0xE704E230 - http://keyserver.linux.it
You've trimmed the debug, but based on what you did give, the client isn't sending pap - it is sending chap. The client chooses the auth method - you can't force it at the server Lorenzo Milesi <maxxer@ufficyo.com> wrote:
I'm having a problem with FR2.1.10 and MD5 Passwords with MySQL.
When I try to enable PAP I get the following: # Executing section authorize from file /etc/freeradius/sites-enabled/default +- entering group authorize {...} ++[preprocess] returns ok [chap] Setting 'Auth-Type := CHAP'
-- Sent from my mobile device, please excuse brevity and typos.
You've trimmed the debug, but based on what you did give, the client isn't sending pap - it is sending chap. The client chooses the auth method - you can't force it at the server
I'm using radtest, doesn't work with -t pap either. Will recheck conf. thanks -- Lorenzo Milesi - lorenzo.milesi@yetopen.it GPG/PGP Key-Id: 0xE704E230 - http://keyserver.linux.it
Lorenzo Milesi wrote:
I'm having a problem with FR2.1.10 and MD5 Passwords with MySQL.
Which won't work with CHAP.
[pap] Normalizing MD5-Password from hex encoding [pap] WARNING: Auth-Type already set. Not setting to PAP ++[pap] returns noop ... What's wrong? :(
Nothing. You're not seeing an error. It's just a warning. Alan DeKok.
participants (3)
-
Alan DeKok -
Lorenzo Milesi -
Phil Mayers