Authentication problem if CHAP is not used
Alex M
radiussupport at lrcommunications.net
Wed Mar 15 17:45:09 CET 2006
Ok, I here is full debug info... I first sent the CHAP request and it's OK,
then I deselected CHAP Check Box and request was rejected... I don't see any
errors; maybe you would see something why it doesn't authenticate without
chap?
[root at localhost root]# radiusd -x
Starting - reading configuration files ...
Using deprecated naslist file. Support for this will go away soon.
Module: Loaded exec
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
Module: Instantiated mschap (mschap)
Module: Loaded System
Module: Instantiated unix (unix)
Module: Loaded eap
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
rlm_eap: Loaded and initialized type gtc
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded preprocess
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
Module: Instantiated realm (suffix)
Module: Loaded files
Module: Instantiated files (files)
Module: Loaded SQL
rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
rlm_sql (sql): Attempting to connect to root at localhost:/radius
rlm_sql (sql): starting 0
rlm_sql (sql): Attempting to connect rlm_sql_mysql #0
rlm_sql_mysql: Starting connect to MySQL server for #0
rlm_sql (sql): Connected new DB handle, #0
rlm_sql (sql): starting 1
rlm_sql (sql): Attempting to connect rlm_sql_mysql #1
rlm_sql_mysql: Starting connect to MySQL server for #1
rlm_sql (sql): Connected new DB handle, #1
rlm_sql (sql): starting 2
rlm_sql (sql): Attempting to connect rlm_sql_mysql #2
rlm_sql_mysql: Starting connect to MySQL server for #2
rlm_sql (sql): Connected new DB handle, #2
rlm_sql (sql): starting 3
rlm_sql (sql): Attempting to connect rlm_sql_mysql #3
rlm_sql_mysql: Starting connect to MySQL server for #3
rlm_sql (sql): Connected new DB handle, #3
rlm_sql (sql): starting 4
rlm_sql (sql): Attempting to connect rlm_sql_mysql #4
rlm_sql_mysql: Starting connect to MySQL server for #4
rlm_sql (sql): Connected new DB handle, #4
rlm_sql (sql): - generate_sql_clients
rlm_sql (sql): Query: SELECT * FROM nas
rlm_sql (sql): Reserving sql socket id: 4
rlm_sql_mysql: query: SELECT * FROM nas
rlm_sql (sql): Read entry
nasname=192.168.0.100,shortname=nas2,secret=testing123
rlm_sql (sql): Adding client 192.168.0.100 (nas2) to clients list
rlm_sql (sql): Read entry
nasname=10.0.1.102,shortname=bntest,secret=testing123
rlm_sql (sql): Adding client 10.0.1.102 (bntest) to clients list
rlm_sql (sql): Read entry
nasname=192.168.0.104,shortname=homesegment_local,secret=testing123
rlm_sql (sql): Adding client 192.168.0.104 (homesegment_local) to clients
list
rlm_sql (sql): Read entry
nasname=192.168.0.100,shortname=PFSense,secret=testing123
rlm_sql (sql): Adding client 192.168.0.100 (PFSense) to clients list
rlm_sql (sql): Read entry
nasname=192.168.0.107,shortname=laptop,secret=testing123
rlm_sql (sql): Adding client 192.168.0.107 (laptop) to clients list
rlm_sql (sql): Released sql socket id: 4
Module: Instantiated sql (sql)
Module: Loaded Acct-Unique-Session-Id
Module: Instantiated acct_unique (acct_unique)
Module: Loaded detail
Module: Instantiated detail (detail)
Module: Loaded radutmp
Module: Instantiated radutmp (radutmp)
Initializing the thread pool...
Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests.
rad_recv: Access-Request packet from host 192.168.0.107:2848, id=0,
length=47
User-Name = "homepc"
CHAP-Password = 0x1b13f913ed86b3207ad5be3007add7f5bc
rlm_chap: Setting 'Auth-Type := CHAP'
rlm_sql (sql): Reserving sql socket id: 3
rlm_sql_mysql: query: SELECT id, UserName, Attribute, Value, op
FROM radcheck WHERE Username = 'homepc' ORDER BY id
rlm_sql_mysql: query: SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche
ck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE
usergroup.Username = 'homepc' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id
rlm_sql_mysql: query: SELECT id, UserName, Attribute, Value, op
FROM radreply WHERE Username = 'homepc' ORDER BY id
rlm_sql_mysql: query: SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep
ly.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE
usergroup.Username = 'homepc' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id
rlm_sql (sql): Released sql socket id: 3
rlm_chap: login attempt by "homepc" with CHAP password
rlm_chap: Using clear text password homepc for user homepc authentication.
rlm_chap: chap user homepc authenticated succesfully
Sending Access-Accept of id 0 to 192.168.0.107 port 2848
rad_recv: Access-Request packet from host 192.168.0.107:2849, id=1,
length=46
User-Name = "homepc"
User-Password = "homepc"
rlm_sql (sql): Reserving sql socket id: 2
rlm_sql_mysql: query: SELECT id, UserName, Attribute, Value, op
FROM radcheck WHERE Username = 'homepc' ORDER BY id
rlm_sql_mysql: query: SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupche
ck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE
usergroup.Username = 'homepc' AND usergroup.GroupName =
radgroupcheck.GroupName ORDER BY radgroupcheck.id
rlm_sql_mysql: query: SELECT id, UserName, Attribute, Value, op
FROM radreply WHERE Username = 'homepc' ORDER BY id
rlm_sql_mysql: query: SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgrouprep
ly.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE
usergroup.Username = 'homepc' AND usergroup.GroupName =
radgroupreply.GroupName ORDER BY radgroupreply.id
rlm_sql (sql): Released sql socket id: 2
Sending Access-Reject of id 1 to 192.168.0.107 port 2849
-----Original Message-----
From:
freeradius-users-bounces+radiussupport=lrcommunications.net at lists.freeradius
.org
[mailto:freeradius-users-bounces+radiussupport=lrcommunications.net at lists.fr
eeradius.org] On Behalf Of Alan DeKok
Sent: Wednesday, March 15, 2006 12:51 AM
To: FreeRadius users mailing list
Subject: Re: Authentication problem if CHAP is not used
"Alex M" <radiussupport at lrcommunications.net> wrote:
> I'm using default configuration except I enabled My SQL support.
> The error I'm getting in debug mode is this:
>
> rlm_unix: [alexus]: invalid password
Well, if you're going to look at small pieces of the debug log, I
would presume you will only be able to solve small pieces of the
problem.
> or no error whatsoever for any oher user, it just quits (terminates the
> procces) on
>
> rlm_sql (sql): Released sql socket id: 2
>
> I don't know what is wrong? Maybe PAP module was compiled wrong?
Maybe try reading the rest of the debug log? It's not like the text
is randomly generated. It's there to help you solve your problems.
But you *do* have to read it.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list