RE: Freeradius-Users Digest, Vol 46, Issue 94
Hey Tim, Tnx for the quick answer. In the meantime I figured out my problem. In 'users' file I commented out: ----- # First setup all accounts to be checked against the UNIX /etc/passwd. # (Unless a password was already given earlier in this file). # #DEFAULT Auth-Type = System # Fall-Through = 1 ----- Which 'tells' Radius to authenticate with /etc/passwd. Now localcheck works fine. I have another problem. I enter a client with a secret in clients.conf file: ---- Client 192.168.10.10 { secret = XXXXXXXX shortname = Test } But while testing from Client 192.168.10.10 - I got: --- rad_recv: Access-Request packet from host: 192.168.10.10:45931, id=56, length=53 Ignoring request from unknown client 192.168.10.10:45931 --- Walking the entire request list --- Nothing to do. Sleeping until we see a request. ------------ Any hint?? ------- בברכה, שמעון ויינרייך האוניברסיטה הפתוחה -----Original Message----- From: freeradius-users-bounces+shimon=openu.ac.il@lists.freeradius.org [mailto:freeradius-users-bounces+shimon=openu.ac.il@lists.freeradius.org] On Behalf Of freeradius-users-request@lists.freeradius.org Sent: Wednesday, February 25, 2009 8:45 AM To: freeradius-users@lists.freeradius.org Subject: Freeradius-Users Digest, Vol 46, Issue 94 Send Freeradius-Users mailing list submissions to freeradius-users@lists.freeradius.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.freeradius.org/mailman/listinfo/freeradius-users or, via email, send a message with subject or body 'help' to freeradius-users-request@lists.freeradius.org You can reach the person managing the list at freeradius-users-owner@lists.freeradius.org When replying, please edit your Subject line so it is more specific than "Re: Contents of Freeradius-Users digest..." Today's Topics: 1. auth: Failed to validate the user - NEED SOME HELP ! (Shimon Weinreich) 2. RE: auth: Failed to validate the user - NEED SOME HELP ! (Tim Sylvester) ---------------------------------------------------------------------- Message: 1 Date: Wed, 25 Feb 2009 08:35:38 +0200 From: "Shimon Weinreich" <shimon@openu.ac.il> Subject: auth: Failed to validate the user - NEED SOME HELP ! To: <freeradius-users@lists.freeradius.org> Message-ID: <A8DAF37AB05CA74C938F57DD1909576614360D@AMNON.openu.local> Content-Type: text/plain; charset="windows-1255" Hello, My name is Shimon from the Open Univ. of Israel. I installed freeradius and I want the Users to authenticate with /etc/raddb/users file NOT /etc/passwd file. Below is a printout of /usr/sbin/radius ?X ?y ---------------------- rad_recv: Access-Request packet from host 127.0.0.1:54057, id=172, length=59 User-Name = "monitor" User-Password = "XXXXXXXX" NAS-IP-Address = 255.255.255.255 NAS-Port = 1812 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: No '@' in User-Name = "monitor", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 0 users: Matched entry DEFAULT at line 152 users: Matched entry monitor at line 216 modcall[authorize]: module "files" returns ok for request 0 modcall: leaving group authorize (returns ok) for request 0 rad_check_password: Found Auth-Type System auth: type "System" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 0 modcall[authenticate]: module "unix" returns notfound for request 0 modcall: leaving group authenticate (returns notfound) for request 0 auth: Failed to validate the user. Delaying request 0 for 1 seconds Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Sending Access-Reject of id 172 to 127.0.0.1 port 54057 Waking up in 4 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 172 with timestamp 49a4e630 Nothing to do. Sleeping until we see a request. ----------------------------------------------------- Can someone help me with defining radius NOT to authenticate with /etc/passwd But with /etc/raddb/users file. Tnx, ------- ?????, ????? ???????? ??????????? ??????
Tnx for the quick answer. In the meantime I figured out my problem. In 'users' file I commented out: ----- # First setup all accounts to be checked against the UNIX /etc/passwd. # (Unless a password was already given earlier in this file). # #DEFAULT Auth-Type = System # Fall-Through = 1 -----
Which 'tells' Radius to authenticate with /etc/passwd. Now localcheck works fine. I have another problem. I enter a client with a secret in clients.conf file: ---- Client 192.168.10.10 { secret = XXXXXXXX shortname = Test }
But while testing from Client 192.168.10.10 - I got: --- rad_recv: Access-Request packet from host: 192.168.10.10:45931, id=56, length=53 Ignoring request from unknown client 192.168.10.10:45931 --- Walking the entire request list --- Nothing to do. Sleeping until we see a request. ------------
Any hint??
You have multiple installations and clients.conf that you edited doesn't belong to radiusd.conf you are running. Post the debug of server startup. Ivan Kalik Kalik Informatika ISP
participants (2)
-
Shimon Weinreich -
tnt@kalik.net