Configuring RADIUS Users

Radius radius at kingmanaz.net
Tue Nov 29 21:04:48 CET 2005


----- Original Message ----- 
From: "Christopher Carver" <ccarver at pennswoods.net>
To: "FreeRadius users mailing list" <freeradius-users at lists.freeradius.org>
Sent: Tuesday, November 29, 2005 11:04 AM
Subject: Re: Configuring RADIUS Users


> Madhuraka Godahewa wrote:
>
>>Hi All, I installed freeRADIUS 1.0.5 recently, and configured the server 
>>as described in the documentation files. My operating system is SUSE Linux 
>>9.2. When I run the 'radiusd -X' from the shell, the last four lines of 
>>the output are as follows. < Listening on authentication 
>>10.128.253.110:1812 Listening on accounting 10.128.253.110:1813 Listening 
>>on proxy 10.128.253.110:1814 Ready to process requests.
>> 10.128.253.110 is the IP Address given to the Radius Server. Then, I 
>> created a test account named 'root' with the password 'root'. Then, I ran 
>> the radtest (from the RADIUS Server itself) and got the following output. 
>> < Sending Access-Request of id 195 to 10.128.253.110:1812 User-Name = 
>> "root" User-Password = "root" NAS-IP-Address = rajith-office NAS-Port = 
>> 1812 rad_recv: Access-Accept packet from host 10.128.253.110:1812, 
>> id=195, length=20
>>'rajith-office' is the name given to the RADIUS Server. In the debug 
>>shell, I obtained the following output. < rad_recv: Access-Request packet 
>>from host 10.128.253.110:1025, id=195, length=56 User-Name = "root" 
>>User-Password = "root" NAS-IP-Address = 255.255.255.255 NAS-Port = 1812 
>>Processing the authorize section of radiusd.conf modcall: entering group 
>>authorize for request 0 modcall[authorize]: module "preprocess" returns ok 
>>for request 0 modcall[authorize]: module "chap" returns noop for request 0 
>>modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: 
>>No '@' in User-Name = "root", looking up realm NULL rlm_realm: No such 
>>realm "NULL" modcall[authorize]: module "suffix" returns noop for request 
>>0 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" 
>>returns noop for request 0 users: Matched root at 153 users: Matched 
>>DEFAULT at 157 modcall[authorize]: module "files" returns ok for request 0 
>>modcall: group authorize returns ok for request 0 rad_check_password: 
>>Found Auth-Type Local auth: type Local auth: user supplied User-Password 
>>matches local User-Password Sending Access-Accept of id 195 to 
>>10.128.253.110:1025 Finished request 0 Going to the next request ---  
>>Walking the entire request list --- 
>>Waking up in 6 seconds... --- Walking the entire request list --- 
>>Cleaning up request 0 ID 195 with timestamp 438c1bca Nothing to do. 
>>Sleeping until we see a request.
>> Now my problem is, when I try to send an access-request (using the Radius 
>> Test Utility) from another machine (running Windows XP), which is in the 
>> same network, the server does not says that it receives an 
>> access-request. Does anybody know, where the problem is? You should be 
>> seeing something if the requests is even making it to the
> radiusd process.  Use tcpdump on the server to ensure you are receiving 
> the request.  'tcpdump port 1812' should do it.  If you see nothing, you 
> have a firewall/network connectivity issue on the server or client.
>
> Chris Carver
> -
But root does not allow logins that way if his system is setup not to and 
most Linux
variants do that automatically. You have to "su" to get root access after 
you log in
with regular user. Maybe create a different user and try it.





More information about the Freeradius-Users mailing list