FreeRadius & Cisco Pix Auth
NOC
noc at voicetelecom.ru
Thu Jan 12 00:18:21 CET 2006
Please, show your USERS file.
Best regards,
Serg
-----Original Message-----
From: freeradius-users-bounces+noc=voicetelecom.ru at lists.freeradius.org
[mailto:freeradius-users-bounces+noc=voicetelecom.ru at lists.freeradius.org]
On Behalf Of James Taylor
Sent: Thursday, January 12, 2006 2:02 AM
To: 'FreeRadius users mailing list'
Subject: RE: FreeRadius & Cisco Pix Auth
Sorry about that... here is the extended Debugs.
rad_recv: Access-Request packet from host 192.168.42.1:1025, id=66,
length=94
User-Name = "jtaylor"
NAS-IP-Address = 192.168.42.1
User-Password = "*******"
NAS-Port = 53
Cisco-AVPair = "ip:source-ip=192.168.43.250"
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
modcall[authorize]: module "mschap" returns noop for request 0
rlm_realm: No '@' in User-Name = "jtaylor", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 0
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 0
users: Matched entry DEFAULT at line 214
users: Matched entry DEFAULT at line 217
users: Matched entry DEFAULT at line 220
modcall[authorize]: module "files" returns ok for request 0
rlm_ldap: - authorize
rlm_ldap: performing user authorization for jtaylor
radius_xlat: '(uid=jtaylor)'
radius_xlat: 'ou=People,dc=laszlosystems,dc=com'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to intranet.corp.laszlosystems.com:389, authentication
0
rlm_ldap: bind as cn=Manager,dc=laszlosystems,dc=com/Laszl0 to
intranet.corp.laszlosystems.com:389
rlm_ldap: waiting for bind result ...
rlm_ldap: Bind was successful
rlm_ldap: performing search in ou=People,dc=laszlosystems,dc=com, with
filter (uid=jtaylor)
rlm_ldap: Added password ******* in check items
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user jtaylor authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns ok for request 0
modcall: group authorize returns ok for request 0
rad_check_password: Found Auth-Type System
auth: type "System"
ERROR: Unknown value specified for Auth-Type. Cannot perform requested
action.
auth: Failed to validate the user.
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 66 to 192.168.42.1:1025
-----Original Message-----
From:
freeradius-users-bounces+jtaylor=laszlosystems.com at lists.freeradius.org
[mailto:freeradius-users-bounces+jtaylor=laszlosystems.com at lists.freeradius.
org] On Behalf Of Alan DeKok
Sent: Wednesday, January 11, 2006 2:00 PM
To: FreeRadius users mailing list
Subject: Re: FreeRadius & Cisco Pix Auth
"James Taylor" <jtaylor at laszlosystems.com> wrote:
> The following shows a debug of what I am seeing on the Radius Server
> during the Auth process.
Nope. There's a LOT more information printed if you run as "radiusd -X",
as suggested in the FAQ, README, and INSTALL.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list