simple test,, how to go on?
Hi, - Freeradius 2.0.4, packaged by Ubuntu 9.04 Jaunty, on "radius20" host. In users: [...] mihamina Cleartext-Password := "{clear}mihamina" Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Address = 172.16.3.33, Framed-IP-Netmask = 255.255.255.0, Framed-Routing = Broadcast-Listen, Framed-Filter-Id = "std.ppp", Framed-MTU = 1500, Framed-Compression = Van-Jacobsen-TCP-IP [...] "clients.conf" already allows the client I launch radtest from. "radiusd.conf" is attached. When I launch $ radtest mihamina mihamina radius20 10 testing123 or $ radtest mihamina {clear}mihamina radius20 10 testing123 I get the answer: Access-Reject packet from host 41.204.103.216 port 1812 On the server, lauched with -X flag: rad_recv: Access-Request packet from host 41.204.104.9 port 54132, id=132, length=60 User-Name = "mihamina" User-Password = "mihamina" NAS-IP-Address = 127.0.1.1 NAS-Port = 10 +- entering group authorize ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop rlm_realm: No '@' in User-Name = "mihamina", looking up realm NULL rlm_realm: No such realm "NULL" ++[suffix] returns noop rlm_eap: No EAP-Message, not doing EAP ++[eap] returns noop ++[unix] returns updated users: Matched entry mihamina at line 86 ++[files] returns ok ++[expiration] returns noop ++[logintime] returns noop ++[pap] returns updated rad_check_password: Found Auth-Type auth: type "PAP" +- entering group PAP rlm_pap: login attempt with password "mihamina" rlm_pap: Using CRYPT encryption. rlm_pap: Passwords don't match ++[pap] returns reject auth: Failed to validate the user. Login incorrect (rlm_pap: CRYPT password check failed): [mihamina/mihamina] (from client quarante_un_deux_cent_quatre port 10) Found Post-Auth-Type Reject +- entering group REJECT expand: %{User-Name} -> mihamina attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 0 for 4 seconds Going to the next request Waking up in 0.9 seconds. Waking up in 2.9 seconds. rad_recv: Access-Request packet from host 41.204.104.9 port 54132, id=132, length=60 Waiting to send Access-Reject to client quarante_un_deux_cent_quatre port 54132 - ID: 132 Waking up in 0.9 seconds. Sending delayed reject for request 0 Sending Access-Reject of id 132 to 41.204.104.9 port 54132 Waking up in 4.9 seconds. Cleaning up request 0 ID 132 with timestamp +29 -- Architecte Informatique Gulfsat/Blueline: Administration Système, Recherche et Développement Mob: +261 33 11 207 36 Penser à l'environnement avant d'imprimer ce message
07/01/2009 02:53 PM, Rakotomandimby Mihamina:: [...]
rlm_pap: login attempt with password "mihamina" rlm_pap: Using CRYPT encryption. rlm_pap: Passwords don't match ++[pap] returns reject [...]
The question: What Have I got to put in the "Cleartext-Password" attribute in "users" in order to have Auth success? Thank you. -- Architecte Informatique Gulfsat/Blueline: Administration Système, Recherche et Développement Mob: +261 33 11 207 36 Penser à l'environnement avant d'imprimer ce message
Am 01.07.2009 um 14:10 schrieb Rakotomandimby Mihamina:
07/01/2009 02:53 PM, Rakotomandimby Mihamina:: [...]
rlm_pap: login attempt with password "mihamina" rlm_pap: Using CRYPT encryption. rlm_pap: Passwords don't match ++[pap] returns reject [...]
The question: What Have I got to put in the "Cleartext-Password" attribute in "users" in order to have Auth success?
In this case, as you have tried the password "mihamina" it should have been: Cleartext-Password := "mihamina"
Thank you.
Have a nice day!
-- Architecte Informatique Gulfsat/Blueline: Administration Système, Recherche et Développement Mob: +261 33 11 207 36 Penser à l'environnement avant d'imprimer ce message - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Nicolas Goutte extragroup GmbH - Karlsruhe Waldstr. 49 76133 Karlsruhe Germany Geschäftsführer: Stephan Mönninghoff, Hans Martin Kern, Tilman Haerdle Registergericht: Amtsgericht Münster / HRB: 5624 Steuer Nr.: 337/5903/0421 / UstID: DE 204607841
- Freeradius 2.0.4, packaged by Ubuntu 9.04 Jaunty, on "radius20" host.
In users: [...] mihamina Cleartext-Password := "{clear}mihamina"
That's wrong. Remove {clear} header from the password.
Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Address = 172.16.3.33, Framed-IP-Netmask = 255.255.255.0, Framed-Routing = Broadcast-Listen, Framed-Filter-Id = "std.ppp", Framed-MTU = 1500, Framed-Compression = Van-Jacobsen-TCP-IP [...]
"clients.conf" already allows the client I launch radtest from. "radiusd.conf" is attached.
When I launch $ radtest mihamina mihamina radius20 10 testing123 or $ radtest mihamina {clear}mihamina radius20 10 testing123
I get the answer: Access-Reject packet from host 41.204.103.216 port 1812
Because it isn't using password from the users file. ...
++[unix] returns updated
You have system password for that user. That one was used.
users: Matched entry mihamina at line 86 ++[files] returns ok
If you don't want to use system passwords but ones in users file comment out unix in authorize section of the default virtual server. Ivan Kalik Kalik Informatika ISP
participants (3)
-
Ivan Kalik -
Nicolas Goutte -
Rakotomandimby Mihamina