We are requesting bids to fix/install radius to work with version 1.0.4. Since we are not having any luck to get this running and response has been light and too few, and version 1.0.1 on another server just recently decided it didn't want to work correctly with slip when we set up a pass through (And this one was not touched) we are putting out paid request for help to reconfigure our production radius server. It must work with PAP and Chap using /etc/passwd/shadow & mysql database. We also authenticate our slipstream users from the mysql database. If you need to know how the database is laid out you will need to send instruction to get that for you. If we have to start over with database, that is fine also. I also have a mysql dump of the database in backup. There is only 22 users on one mysql database and 6 on the other. So to re-enter the information is not that bid of a deal and can be done very quickly with a pre-written script . We do have the backup text that was used to create the radius database to allow us to disable and enable slipstream and dialup users. All configuration steps need to be handled by email. We have our email to check every three minutes and can be set lower if need be to get job finished in timely manner. If we need to call you to configure this we can after 7:00pm our time to avoid toll charges. Once cost is accepted a new private email address will be provided. We prefer to not provide shell access to our servers. Didn't have to the last year when we hired help here to get our radius installed and working. You have to agree to work with me until finished once started. If you also prefer we can use the escrow service of rentacoder.com is where we get all our programming help, and will post this there also if we need to. We must have 24 hours (weekday) to have system verified as working by our wholesale provider. Thank you and good luck. Thursday night would be a very good time to do this so could be verified by morning.
Hi, I have Freeradius running where wireless users authenticate using EAP/TLS. Now, I would like to use the same server to authenticate wired users using EAP/MD5 on Cisco switch 3750 but it doesn't work. The log shows it doesn't do EAP authentication as shown below. Attached is my eap.conf. Please help. rad_recv: Access-Request packet from host 10.2.10.105:1812, id=6, length=98 NAS-IP-Address = 10.2.10.105 NAS-Port-Type = Async User-Name = "jeff" Service-Type = Framed-User Framed-MTU = 1500 Calling-Station-Id = "00-02-3f-09-9c-85" EAP-Message = 0x02010009016a656666 Message-Authenticator = 0xe96f3ad76059ff4bd380744026f8446e Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: No '@' in User-Name = "jeff", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: EAP packet type response id 1 length 9 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 0 users: Matched entry jeff at line 6 modcall[authorize]: module "files" returns ok for request 0 modcall: group authorize returns updated for request 0 rad_check_password: Found Auth-Type Local auth: type Local auth: No User-Password or CHAP-Password attribute in the request auth: Failed to validate the user.
Jefri bin Dahari wrote:
I have Freeradius running where wireless users authenticate using EAP/TLS. Now, I would like to use the same server to authenticate wired users using EAP/MD5 on Cisco switch 3750 but it doesn't work. The log shows it doesn't do EAP authentication as shown below. Attached is my eap.conf.
You appear to be setting Auth-Type to Local. Check your Users file and see where the Auth-Type := Local or similar is getting set. Comment it out. Vladimir
users: Matched entry jeff at line 6 modcall[authorize]: module "files" returns ok for request 0 modcall: group authorize returns updated for request 0 rad_check_password: Found Auth-Type Local auth: type Local auth: No User-Password or CHAP-Password attribute in the request auth: Failed to validate the user.
It works. Thank you very much Vladimir. ----- Original Message ----- From: "Vladimir Vuksan" <vlists@veus.hr> To: "FreeRadius users mailing list" <freeradius-users@lists.freeradius.org> Sent: Friday, July 08, 2005 14:39 Subject: Re: Can do EAP/TLS, but not EAP/MD5
Jefri bin Dahari wrote:
I have Freeradius running where wireless users authenticate using EAP/TLS. Now, I would like to use the same server to authenticate wired users using EAP/MD5 on Cisco switch 3750 but it doesn't work. The log shows it doesn't do EAP authentication as shown below. Attached is my eap.conf.
You appear to be setting Auth-Type to Local. Check your Users file and see where the Auth-Type := Local or similar is getting set. Comment it out.
Vladimir
users: Matched entry jeff at line 6 modcall[authorize]: module "files" returns ok for request 0 modcall: group authorize returns updated for request 0 rad_check_password: Found Auth-Type Local auth: type Local auth: No User-Password or CHAP-Password attribute in the request auth: Failed to validate the user.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
or simply put 'eap' as the last module in the authorize section. should be the same. Jefri bin Dahari wrote:
It works. Thank you very much Vladimir.
----- Original Message ----- From: "Vladimir Vuksan" <vlists@veus.hr> To: "FreeRadius users mailing list" <freeradius-users@lists.freeradius.org> Sent: Friday, July 08, 2005 14:39 Subject: Re: Can do EAP/TLS, but not EAP/MD5
Jefri bin Dahari wrote:
I have Freeradius running where wireless users authenticate using EAP/TLS. Now, I would like to use the same server to authenticate wired users using EAP/MD5 on Cisco switch 3750 but it doesn't work. The log shows it doesn't do EAP authentication as shown below. Attached is my eap.conf.
You appear to be setting Auth-Type to Local. Check your Users file and see where the Auth-Type := Local or similar is getting set. Comment it out.
Vladimir
participants (4)
-
Artur Hecker -
Jefri bin Dahari -
Radius -
Vladimir Vuksan