User /etc/shadow for Authentication

Norman Zhang norman.zhang at
Thu Apr 26 02:50:02 CEST 2007

tnt at wrote:
> Login OK: [tester] (from client test-network port 1 cli
> Sending Access-Accept of id 27 to
> You have "got in". But you haven't returned any radius attributes. You
> need to return something like Service-Type = Administrative-User or
> NAS-Prompt-User so NAS knows what to do with the user.

Thanks for the hint. I added the last two lines to users, now I can login.

DEFAULT	Auth-Type = System
	Fall-Through = 1,
         cisco-avpair = "shell:priv-lvl=15",
         Service-Type = Administrative-User

Still trying to learn FreeRADIUS, should Fall-Through = True and not 1? 
How can I specify some users to have priv-lvl lower than 15, if default 
is 15?


More information about the Freeradius-Users mailing list