freeradius 1.1.1 and mysql issues

simon at 434canada.com simon at 434canada.com
Wed May 31 21:30:06 CEST 2006 

Hi,

I am having some issues getting users authenticated using a mysql database.  Right now I simply have one user entered into the database, for testing purposes.  If I use either NTRadPing from a remote machine or radtest on the actual server using the credentials in the database I get an Access-Accept packet.  However, when I try to actually connect using a WinXP laptop, I continually get Access-Reject messages back.  It looks like the password isn't making it across, even though I am entering this information on the laptop as it is trying to connect.  When I use another user account (that is defined in the users file) to actually connect, everything works fine. 

Below is the output from the server running in debug mode when I tried to connect:

Nothing to do.  Sleeping until we see a request.
rad_recv: Access-Request packet from host 10.10.1.1:2991, id=0, length=123
        User-Name = "simon"
        NAS-IP-Address = 10.10.1.1
        Called-Station-Id = "0014bff3dac8"
        Calling-Station-Id = "0013ce29c6d7"
        NAS-Identifier = "0014bff3dac8"
        NAS-Port = 56
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-802.11
        EAP-Message = 0x0200000a0173696d6f6e
        Message-Authenticator = 0x45e7cf8668c2564bc36bea9616eced0e
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 51
  modcall[authorize]: module "preprocess" returns ok for request 51
  modcall[authorize]: module "chap" returns noop for request 51
  modcall[authorize]: module "mschap" returns noop for request 51
    rlm_realm: No '@' in User-Name = "simon", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 51
  rlm_eap: EAP packet type response id 0 length 10
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 51
    users: Matched entry DEFAULT at line 157
  modcall[authorize]: module "files" returns ok for request 51
radius_xlat:  'simon'
rlm_sql (sql): sql_set_user escaped user --> 'simon'
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM radcheck           WHERE Username = 'simon'           ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 0
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op           FROM radcheck    WHERE Username = 'simon'           ORDER BY id
radius_xlat:  'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op  FROM radgroupcheck,usergroup WHERE usergroup.Username = 'simon' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
rlm_sql_mysql: query:  SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op  FROM radgroupcheck,usergroup WHERE usergroup.Username = 'simon' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM radreply           WHERE Username = 'simon'           ORDER BY id'
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op           FROM radreply    WHERE Username = 'simon'           ORDER BY id
radius_xlat:  'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op  FROM radgroupreply,usergroup WHERE usergroup.Username = 'simon' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql_mysql: query:  SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op  FROM radgroupreply,usergroup WHERE usergroup.Username = 'simon' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id
rlm_sql (sql): Released sql socket id: 0
  modcall[authorize]: module "sql" returns ok for request 51
modcall: leaving group authorize (returns updated) for request 51
  rad_check_password:  Found Auth-Type Local
auth: type Local
auth: No User-Password or CHAP-Password attribute in the request
auth: Failed to validate the user.
Login incorrect: [simon/<no User-Password attribute>] (from client linksys-434 port 56 cli 0013ce29c6d7)
Delaying request 51 for 1 seconds
Finished request 51
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 0 to 10.10.1.1 port 2991
Waking up in 5 seconds...
--- Walking the entire request list ---
Cleaning up request 51 ID 0 with timestamp 447deb46
Nothing to do.  Sleeping until we see a request.

It seems as though the password isn't getting across, but only when I try to use credentials stored in the database.  Any help here would be greatly appreciated.

Thanks,

Simon

More information about the Freeradius-Users mailing list