normal behaviour when "Framed-Protocol = PPP" is in the Auth request?
lolo
milletl at sonorys.com
Fri Feb 23 11:08:28 CET 2007
Hi list,
I am very new in FreeRadius, and there is something which is a bit strange:
0] Current config
I use FreeRadius 1.1.4, out of the box.
I define my authorized clients in "clients.conf".
I define a user in the "users" file following the examples given in the same
file:
"
Mickey Auth-Type :=Local, User-Password == "mouse"
Reply-Message = "Hello mickey mouse"
"
--
1] I send the following authentication packet (using radclient):
"
Service-Type = Framed-User
User-Name = "Mickey"
User-Password = "mouse"
NAS-IP-Address = 172.24.2.103
NAS-Port = 0
"
--> I get accepted
--
2] I send the following authentication packet (same + "Framed-Protocol =
PPP"):
"
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = "Mickey"
User-Password = "mouse"
NAS-IP-Address = 172.24.2.103
NAS-Port = 0
"
--> I get rejected
--
3] I create a Unix user Mickey with password "mouse" on the FreeRadius host,
and I send again:
"
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = "Mickey"
User-Password = "mouse"
NAS-IP-Address = 172.24.2.103
NAS-Port = 0
"
--> I get accepted
--
4] Here is a short extract of the FreeRadius output when I get rejected:
"
modcall[authorize]: module "files" returns ok for request 0
rlm_pap: WARNING! No "known good" password found for the user.
Authentication may fail because of this.
"
--
I found a 'work-around' (using the Unix user), but could somebody explain me
why do I get accepted or not depending on the "Framed-Protocol == PPP" flag
sent in the request or not, and depending on the way I specify the user
(file or Unix account)?
Thanks a lot!
Laurent
More information about the Freeradius-Users
mailing list