FreeRadius & ChilliSpot: Chap auth not working
Hello, I've asked a question in another forum: http://serverfault.com/q/653228/255461 To avoid duplicating I'll post basic info here. I've configured a captive portal with ChilliSpot, everything was working fine. When a user makes a login, the router send request to the freeradius server. My issue is when I tried to change the accounting to MySQL. I've configured a group to use with al the users wher I added Session-TimeOut and Idle-TimeOut in the *radgroupreply*table. I have also in the *radcheck* table defined the users with their password, something like 'Username', 'Chap-Password', ':=', 'password'
'Username', 'ClearText-Password', ':=', 'password'
I'm executing freeradius debugger and when I try to login with the user, freeradius fails and gives this message: [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop Found Auth-Type = CHAP # Executing group from file /etc/freeradius/sites-enabled/default +- entering group CHAP {...} [chap] login attempt by "garcia" with CHAP password [chap] Cleartext-Password is required for authentication ++[chap] returns invalid Failed to authenticate the user. I don't understand because there is a password defined in MySQL... Any help would be appreciated.
Alvaro Aneiros Veiga <alvaroaneirosveiga@gmail.com> writes:
'Username', 'Chap-Password', ':=', 'password' 'Username', 'ClearText-Password', ':=', 'password' .. [chap] Cleartext-Password is required for authentication .. I don't understand because there is a password defined in MySQL...
The password attribute name is incorrect. Chap-Password != Cleartext-Password ClearText-Password != Cleartext-Password You cannot just use some random approximate names and hope that FreeRADIUS guesses what you mean. Bjørn
On Dec 19, 2014, at 4:34 AM, Alvaro Aneiros Veiga <alvaroaneirosveiga@gmail.com> wrote:
I've asked a question in another forum:
That isn’t the main support forum… which is this list.
I have also in the radcheck table defined the users with their password, something like
“Something like”? Computers are specific. You need to know *exactly* what you’ve done.
I'm executing freeradius debugger and when I try to login with the user, freeradius fails and gives this message:
[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop
You’re ignoring all of the debug output related to SQL. Which means you won’t be able to figure out why it’s not finding the password in SQL. Alan DeKok.
participants (3)
-
Alan DeKok -
Alvaro Aneiros Veiga -
Bjørn Mork