No authenticate method (Auth-Type) found for the request: Rejecting the user (freeradius v 2.2.5)
Hello, I keep getting this error after fixing all the rest. Could you help me? Thanks BR reading pairlist file /etc/freeradius/hints Module: Linked to module rlm_realm Module: Instantiating module "suffix" from file /etc/freeradius/mods-enabled/realm realm suffix { format = "suffix" delimiter = "@" ignore_default = no ignore_null = no } Module: Linked to module rlm_files Module: Instantiating module "files" from file /etc/freeradius/mods-enabled/files files { usersfile = "/etc/freeradius/users" acctusersfile = "/etc/freeradius/acct_users" preproxy_usersfile = "/etc/freeradius/preproxy_users" compat = "no" } reading pairlist file /etc/freeradius/users reading pairlist file /etc/freeradius/acct_users reading pairlist file /etc/freeradius/preproxy_users Module: Checking preacct {...} for more modules to load Module: Linked to module rlm_acct_unique Module: Instantiating module "acct_unique" from file /etc/freeradius/mods-enabled/acct_unique acct_unique { key = "User-Name, Acct-Session-Id, NAS-IP-Address, NAS-Identifier, NAS-Port" } Module: Checking accounting {...} for more modules to load Module: Linked to module rlm_detail Module: Instantiating module "detail" from file /etc/freeradius/mods-enabled/detail detail { detailfile = "/var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d" header = "%t" detailperm = 384 dirperm = 493 locking = no log_packet_header = no } Module: Linked to module rlm_attr_filter Module: Instantiating module "attr_filter.accounting_response" from file /etc/freeradius/mods-enabled/attr_filter attr_filter attr_filter.accounting_response { attrsfile = "/etc/freeradius/attrs.accounting_response" key = "%{User-Name}" relaxed = no } reading pairlist file /etc/freeradius/attrs.accounting_response Module: Checking session {...} for more modules to load Module: Linked to module rlm_radutmp Module: Instantiating module "radutmp" from file /etc/freeradius/mods-enabled/radutmp radutmp { filename = "/var/log/freeradius/radutmp" username = "%{User-Name}" case_sensitive = yes check_with_nas = yes perm = 384 callerid = yes } Module: Checking post-proxy {...} for more modules to load Module: Checking post-auth {...} for more modules to load Module: Instantiating module "attr_filter.access_reject" from file /etc/freeradius/mods-enabled/attr_filter attr_filter attr_filter.access_reject { attrsfile = "/etc/freeradius/attrs.access_reject" key = "%{User-Name}" relaxed = no } reading pairlist file /etc/freeradius/attrs.access_reject } # modules } # server server inner-tunnel { # from file /etc/freeradius/sites-enabled/inner-tunnel modules { Module: Checking authenticate {...} for more modules to load Module: Checking authorize {...} for more modules to load Module: Checking session {...} for more modules to load Module: Checking post-proxy {...} for more modules to load Module: Checking post-auth {...} for more modules to load } # modules } # server radiusd: #### Opening IP addresses and Ports #### listen { type = "auth" ipaddr = * port = 0 } listen { type = "acct" ipaddr = * port = 0 } listen { type = "auth" ipaddr = 127.0.0.1 port = 18120 } ... adding new socket proxy address * port 49178 Listening on authentication address * port 1812 Listening on accounting address * port 1813 Listening on authentication address 127.0.0.1 port 18120 as server inner-tunnel Listening on proxy address * port 1814 Ready to process requests. rad_recv: Access-Request packet from host 217.162.186.120 port 55504, id=19, length=282 NAS-Port-Type = Wireless-802.11 Calling-Station-Id = "D0:59:E4:08:F3:82" Called-Station-Id = "Zurich-tests" NAS-Port-Id = "ether5" User-Name = "escalanterj@gmail.com" NAS-Port = 2154823689 Acct-Session-Id = "80700009" Framed-IP-Address = 192.168.10.6 Mikrotik-Host-IP = 192.168.10.6 User-Password = "d41d8cd98f00b204e9800998ecf8427e81dc9bdb52d04dc20036dbd8313ed055d41d8cd98f00b204e9800998ecf8427e" Service-Type = Login-User WISPr-Logoff-URL = "http://192.168.10.1/logout" NAS-Identifier = "Zurich-tests" NAS-IP-Address = 192.168.0.119 # Executing section authorize from file /etc/freeradius/sites-enabled/default +group authorize { ++[preprocess] = ok ++[chap] = noop ++[mschap] = noop ++[digest] = noop [suffix] Looking up realm "gmail.com" for User-Name = "escalanterj@gmail.com" [suffix] No such realm "gmail.com" ++[suffix] = noop [eap] No EAP-Message, not doing EAP ++[eap] = noop ++[files] = noop ++[expiration] = noop ++[logintime] = noop +} # group authorize = ok ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. Using Post-Auth-Type REJECT # Executing group from file /etc/freeradius/sites-enabled/default +group REJECT { [attr_filter.access_reject] expand: %{User-Name} -> escalanterj@gmail.com attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] = updated +} # group REJECT = updated Delaying reject of request 0 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 0 Sending Access-Reject of id 19 to 217.162.186.120 port 55504 Waking up in 4.9 seconds. Cleaning up request 0 ID 19 with timestamp +613 Ready to process requests. rad_recv: Access-Request packet from host 217.162.186.120 port 53562, id=20, length=282 NAS-Port-Type = Wireless-802.11 Calling-Station-Id = "D0:59:E4:08:F3:82" Called-Station-Id = "Zurich-tests" NAS-Port-Id = "ether5" User-Name = "escalanterj@gmail.com" NAS-Port = 2154823690 Acct-Session-Id = "8070000a" Framed-IP-Address = 192.168.10.6 Mikrotik-Host-IP = 192.168.10.6 User-Password = "d41d8cd98f00b204e9800998ecf8427e81dc9bdb52d04dc20036dbd8313ed055d41d8cd98f00b204e9800998ecf8427e" Service-Type = Login-User WISPr-Logoff-URL = "http://192.168.10.1/logout" NAS-Identifier = "Zurich-tests" NAS-IP-Address = 192.168.0.119 # Executing section authorize from file /etc/freeradius/sites-enabled/default +group authorize { ++[preprocess] = ok ++[chap] = noop ++[mschap] = noop ++[digest] = noop [suffix] Looking up realm "gmail.com" for User-Name = "escalanterj@gmail.com" [suffix] No such realm "gmail.com" ++[suffix] = noop [eap] No EAP-Message, not doing EAP ++[eap] = noop ++[files] = noop ++[expiration] = noop ++[logintime] = noop +} # group authorize = ok ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. Using Post-Auth-Type REJECT # Executing group from file /etc/freeradius/sites-enabled/default +group REJECT { [attr_filter.access_reject] expand: %{User-Name} -> escalanterj@gmail.com attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] = updated +} # group REJECT = updated Delaying reject of request 1 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 1 Sending Access-Reject of id 20 to 217.162.186.120 port 53562 Waking up in 4.9 seconds. Cleaning up request 1 ID 20 with timestamp +625 Ready to process requests.
On May 14, 2015, at 9:02 AM, <escalanterj@gmail.com> <escalanterj@gmail.com> wrote:
I keep getting this error after fixing all the rest. Could you help me?
You've done two things: 1) failed to tell FreeRADIUS anything about that user. No "known good" name or password. 2) deleted "pap" from the "authorize" section. It's there in the default configuration. How is FreeRADIUS supposed to authenticate someone when it doesn't know who the user is, or what the correct password is? Read the FAQ for how to set up a test user. Honestly, this should take about 5 minutes at most. Alan DeKok.
participants (2)
-
Alan DeKok -
escalanterj@gmail.com