Netscreen authentication from freeradius.
ashish verma
ashish.scit at gmail.com
Wed Sep 12 08:26:32 CEST 2007
Hi all,
I am trying to authenticate netscreen 5gt from a radius server.
I have done the following config on netscreen..
set auth-server "radius1" id 1
set auth-server "radius1" server-name "192.168.1.50"
set auth-server "radius1" timeout 30
set auth-server "radius1" forced-timeout 60
set auth-server "radius1" radius port 1812
set auth-server "radius1" radius secret "testing123"
set auth radius accounting port 1813
and on radius side..i have made a local user.
net Cleartext-Password := "net"
but i am not able to authenticate...Netscreen is not sending anythin to
radius server..i can't see any logs in radius (running in debug mode).
Kindly suggest..
Thanks,
On 9/10/07, freeradius-users-request at lists.freeradius.org <
freeradius-users-request at lists.freeradius.org> wrote:
>
> Send Freeradius-Users mailing list submissions to
> freeradius-users at lists.freeradius.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://lists.freeradius.org/mailman/listinfo/freeradius-users
> or, via email, send a message with subject or body 'help' to
> freeradius-users-request at lists.freeradius.org
>
> You can reach the person managing the list at
> freeradius-users-owner at lists.freeradius.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Freeradius-Users digest..."
>
>
> Today's Topics:
>
> 1. Re: Freeradius+Active directory - router login authentciation
> (Turbo Fredriksson)
> 2. two different enable passwords. (ashish verma)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 10 Sep 2007 13:06:29 +0200
> From: Turbo Fredriksson <turbo at dagdrivarn.se>
> Subject: Re: Freeradius+Active directory - router login authentciation
> To: freeradius-users at lists.freeradius.org
> Message-ID: <878x7eok3u.fsf at pumba.bayour.com>
> Content-Type: text/plain; charset=us-ascii
>
> Quoting "Rakesh Jha" <rakesh at burgan.com>:
>
> I'm far from an expert in FreeRADIUS (so take what I say with a
> grane of salt), but I instantly noticed this.
>
> > tls: private_key_file = "/usr/local/etc/raddb/certs/cert-srv.pem"
> > tls: certificate_file = "/usr/local/etc/raddb/certs/cert-srv.pem"
> > tls: CA_file = "/usr/local/etc/raddb/certs/demoCA/cacert.pem"
> > tls: check_cert_cn = "(null)"
> > tls: cipher_list = "(null)"
> > tls: check_cert_issuer = "(null)"
> > rlm_eap_tls: Loading the certificate file as a chain
> > rlm_eap_tls: Unable to open DH file - (null)
> > rlm_eap: Failed to initialize type tls
>
> It can't open the 'DH file' (don't quite know which one that is),
> but I would assume that it's some (or maybe all?) of the first
> three files. Do they exist? Does the freeradius daemon have the
> right to _read_ those files (are you running the daemon under some
> user _not_ root). I run (default in Debian GNU/Linux) the daemon
> under the 'freerad' user so this user must be able to read the
> files mentioned (AND have the right to access all directory paths
> before it).
>
> Also, the 'check_cert_cn' is empty. If you don't use it, uncomment
> it in the config file. probably goes for the options 'check_cert_cn'
> and 'check_cert_issuer' to.
>
> I DO use them, and my eap.conf file looks like this:
>
> ----- s n i p -----
> celia:~# egrep 'check_cert_issuer|check_cert_cn|cipher_list'
> /etc/freeradius/eap.conf
> check_cert_issuer = "<see below>"
> check_cert_cn = %{User-Name}
> cipher_list = "DEFAULT"
> ----- s n i p -----
>
> The 'check_cert_issuer' value is a little personal (something
> I wouldn't want to post to the 'Net) but is the value
> found in the 'subject' line when running the command:
>
> openssl x509 -subject -noout -in <cacert>
>
> ----- s n i p -----
> celia:~# openssl x509 -subject -noout -in /etc/ssl/CA/cacert.pem
> subject= <secret>
> ----- s n i p -----
>
> > radiusd.conf[10]: eap: Module instantiation failed.
> > radiusd.conf[1962] Unknown module "eap".
> > radiusd.conf[1909] Failed to parse authenticate section.
>
> These will probably go away once you have fixed the tls parts
> above...
>
> > As you have written 'as are most "helpful" pages not on freeradius.org',
> > can you please suggest some links which guide correctly to configure
> > radius, openssl and active directory.
>
> I think Alan is a little 'judgmental' (wrong choice, but I
> can't quite get the exact translation of what I meant) if here.
> I would to if (since!) people don't think for them self and
> only follow external 'documentation' by the letter without
> trying to actually understand what it means...
>
> Following ANY documentation require UNDERSTANDING! Not HOW,
> but WHY ('... a certain option is used with a special value').
>
> DISCLAIMER (before Alan slaps me :): I'm in no way better
> my self - I'm lousy in reading documentation.
> I only read a little here and a little there,
> but I (almost) always understand the parts that
> I DO read :)
>
>
> ------------------------------
>
> Message: 2
> Date: Mon, 10 Sep 2007 17:21:34 +0530
> From: "ashish verma" <ashish.scit at gmail.com>
> Subject: two different enable passwords.
> To: freeradius-users at lists.freeradius.org
> Message-ID:
> <11b554120709100451v630a635fj48f54a6660c46216 at mail.gmail.com>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Hi all,
>
> I have radius-ldap setup for authenticating network devices.
>
> I have small doubt here.
>
> Is it possible to have different enable passwords for different
> huntgroups?
>
> For e.g. i have 2 huntgroups. one for cisco switches and one for cisco
> routers and I want to have different enable passwords for both.
>
> Currently i have only one entry for enable password and that is commom for
> all the cisco devices.
>
>
> On 9/10/07, freeradius-users-request at lists.freeradius.org <
> freeradius-users-request at lists.freeradius.org> wrote:
> >
> > Send Freeradius-Users mailing list submissions to
> > freeradius-users at lists.freeradius.org
> >
> > To subscribe or unsubscribe via the World Wide Web, visit
> > http://lists.freeradius.org/mailman/listinfo/freeradius-users
> > or, via email, send a message with subject or body 'help' to
> > freeradius-users-request at lists.freeradius.org
> >
> > You can reach the person managing the list at
> > freeradius-users-owner at lists.freeradius.org
> >
> > When replying, please edit your Subject line so it is more specific
> > than "Re: Contents of Freeradius-Users digest..."
> >
> >
> > Today's Topics:
> >
> > 1. RE: Freeradius+Active directory - router login authentciation
> > (Rakesh Jha)
> > 2. Re: Freeradius doesn't detect EAP when authenticating against
> > MySQL (Andrew Rowson)
> > 3. RE : LOGs of eap-tls authentication (inelec communication)
> > 4. Re: Freeradius doesn't detect EAP when authenticating against
> > MySQL (Alan DeKok)
> >
> >
> > ----------------------------------------------------------------------
> >
> > Message: 1
> > Date: Mon, 10 Sep 2007 09:21:42 +0300
> > From: "Rakesh Jha" <rakesh at burgan.com>
> > Subject: RE: Freeradius+Active directory - router login authentciation
> > To: "FreeRadius users mailing list"
> > <freeradius-users at lists.freeradius.org>
> > Message-ID:
> > <A928C53C7FC96746A7C07338F009DCA00C4D37 at BB-MAIL.main.burgan.bnk>
> > Content-Type: text/plain; charset="us-ascii"
> >
> > Alan,
> >
> > Please see the complete output of radiusd -X as following -
> >
> > Starting - reading configuration files ...
> > reread_config: reading radiusd.conf
> > Config: including file: /usr/local/etc/raddb/proxy.conf
> > Config: including file: /usr/local/etc/raddb/clients.conf
> > Config: including file: /usr/local/etc/raddb/snmp.conf
> > Config: including file: /usr/local/etc/raddb/eap.conf
> > Config: including file: /usr/local/etc/raddb/sql.conf
> > main: prefix = "/usr/local"
> > main: localstatedir = "/usr/local/var"
> > main: logdir = "/usr/local/var/log/radius"
> > main: libdir = "/usr/local/lib"
> > main: radacctdir = "/usr/local/var/log/radius/radacct"
> > main: hostname_lookups = no
> > main: max_request_time = 30
> > main: cleanup_delay = 5
> > main: max_requests = 1024
> > main: delete_blocked_requests = 0
> > main: port = 0
> > main: allow_core_dumps = no
> > main: log_stripped_names = no
> > main: log_file = "/usr/local/var/log/radius/radius.log"
> > main: log_auth = no
> > main: log_auth_badpass = no
> > main: log_auth_goodpass = no
> > main: pidfile = "/usr/local/var/run/radiusd/radiusd.pid"
> > main: user = "(null)"
> > main: group = "(null)"
> > main: usercollide = no
> > main: lower_user = "no"
> > main: lower_pass = "no"
> > main: nospace_user = "no"
> > main: nospace_pass = "no"
> > main: checkrad = "/usr/local/sbin/checkrad"
> > main: proxy_requests = yes
> > proxy: retry_delay = 5
> > proxy: retry_count = 3
> > proxy: synchronous = no
> > proxy: default_fallback = yes
> > proxy: dead_time = 120
> > proxy: post_proxy_authorize = no
> > proxy: wake_all_if_all_dead = no
> > security: max_attributes = 200
> > security: reject_delay = 1
> > security: status_server = no
> > main: debug_level = 0
> > read_config_files: reading dictionary
> > read_config_files: reading naslist
> > Using deprecated naslist file. Support for this will go away soon.
> > read_config_files: reading clients
> > read_config_files: reading realms
> > radiusd: entering modules setup
> > Module: Library search path is /usr/local/lib
> > Module: Loaded exec
> > exec: wait = yes
> > exec: program = "(null)"
> > exec: input_pairs = "request"
> > exec: output_pairs = "(null)"
> > exec: packet_type = "(null)"
> > rlm_exec: Wait=yes but no output defined. Did you mean output=none?
> > Module: Instantiated exec (exec)
> > Module: Loaded expr
> > Module: Instantiated expr (expr)
> > Module: Loaded PAP
> > pap: encryption_scheme = "crypt"
> > pap: auto_header = yes
> > Module: Instantiated pap (pap)
> > Module: Loaded CHAP
> > Module: Instantiated chap (chap)
> > Module: Loaded MS-CHAP
> > mschap: use_mppe = yes
> > mschap: require_encryption = no
> > mschap: require_strong = no
> > mschap: with_ntdomain_hack = yes
> > mschap: passwd = "(null)"
> > mschap: ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key
> > --domain=%{mschap:NT-D
> > omain:-burgan_dom} --username=%{mschap:User-Name:-None}
> > --challenge=%{mschap:Cha
> > llenge:-00} --nt-response=%{mschap:NT-Response:-00}"
> > Module: Instantiated mschap (mschap)
> > Module: Loaded System
> > unix: cache = no
> > unix: passwd = "(null)"
> > unix: shadow = "(null)"
> > unix: group = "(null)"
> > unix: radwtmp = "/usr/local/var/log/radius/radwtmp"
> > unix: usegroup = no
> > unix: cache_reload = 600
> > Module: Instantiated unix (unix)
> > Module: Loaded eap
> > eap: default_eap_type = "tls"
> > eap: timer_expire = 60
> > eap: ignore_unknown_eap_types = no
> > eap: cisco_accounting_username_bug = no
> > rlm_eap: Loaded and initialized type md5
> > rlm_eap: Loaded and initialized type leap
> > gtc: challenge = "Password: "
> > gtc: auth_type = "PAP"
> > rlm_eap: Loaded and initialized type gtc
> > tls: rsa_key_exchange = no
> > tls: dh_key_exchange = yes
> > tls: rsa_key_length = 512
> > tls: dh_key_length = 512
> > tls: verify_depth = 0
> > tls: CA_path = "(null)"
> > tls: pem_file_type = yes
> > tls: private_key_file = "/usr/local/etc/raddb/certs/cert-srv.pem"
> > tls: certificate_file = "/usr/local/etc/raddb/certs/cert-srv.pem"
> > tls: CA_file = "/usr/local/etc/raddb/certs/demoCA/cacert.pem"
> > tls: private_key_password = "whatever"
> > tls: dh_file = "(null)"
> > tls: random_file = "/dev/urandom"
> > tls: fragment_size = 1024
> > tls: include_length = yes
> > tls: check_crl = no
> > tls: check_cert_cn = "(null)"
> > tls: cipher_list = "(null)"
> > tls: check_cert_issuer = "(null)"
> > rlm_eap_tls: Loading the certificate file as a chain
> > rlm_eap_tls: Unable to open DH file - (null)
> > rlm_eap: Failed to initialize type tls
> > radiusd.conf[10]: eap: Module instantiation failed.
> > radiusd.conf[1962] Unknown module "eap".
> > radiusd.conf[1909] Failed to parse authenticate section.
> >
> > As you have written 'as are most "helpful" pages not on freeradius.org',
> > can you please suggest some links which guide correctly to configure
> > radius, openssl and active directory.
> >
> > Thanks a lot,
> > Rakesh Jha
> >
> > -----Original Message-----
> > From: freeradius-users-bounces at lists.freeradius.org
> > [mailto:freeradius-users-bounces at lists.freeradius.org] On Behalf Of Alan
> > DeKok
> > Sent: Monday, September 10, 2007 8:35 AM
> > To: FreeRadius users mailing list
> > Subject: Re: Freeradius+Active directory - router login authentciation
> >
> > Rakesh Jha wrote:
> > ...
> > > After following FreeRADIUS Tutorial for AD integration I am not able
> > to
> > > start radius daemon as it complains -
> > >
> > > radiusd.conf[10]: eap: Module instantiation failed.
> > > radiusd.conf[1962] Unknown module "eap".
> > > radiusd.conf[1909] Failed to parse authenticate section.
> >
> > I'm at a bit of a loss for why so many people are so insistent on
> > removing all useful messages.
> >
> > Attention:
> > Any non-official business related views, opinions and other information
> > presented in this electronic mail
> > are solely those of the sender/author.
> > Burgan Bank does not endorse or accept responsibility for their
> opinions.
> > If you are not the addressed
> > indicated in this mail or responsible for delivering this message to the
> > intended,
> > you should delete this message and notify the sender immediately.
> > -------------------------------------------------------
> > Burgan Bank S.A.K
> > www.burgan.com
> >
> >
> >
> > ------------------------------
> >
> > Message: 2
> > Date: Mon, 10 Sep 2007 08:47:09 +0100
> > From: Andrew Rowson <freeradius at growse.com>
> > Subject: Re: Freeradius doesn't detect EAP when authenticating against
> > MySQL
> > To: FreeRadius users mailing list
> > <freeradius-users at lists.freeradius.org>
> > Message-ID: <b03eaa106466517b3d809c38044273f9 at ticklemail.mrmen.home>
> > Content-Type: text/plain; charset="UTF-8"
> >
> >
> >
> > On Mon, 10 Sep 2007 07:31:04 +0200, Alan DeKok <
> aland at deployingradius.com>
> > wrote:
> > > Andrew Rowson wrote:
> > >> Looking over it, it seems that a problem comes up with the MSCHAP
> bit:
> > >>
> > >> rlm_mschap: No User-Password configured. Cannot create
> LM-Password.
> > >> rlm_mschap: No User-Password configured. Cannot create
> NT-Password.
> > >> rlm_mschap: Told to do MS-CHAPv2 for growse with NT-Password
> > >> rlm_mschap: FAILED: No NT/LM-Password. Cannot perform
> > authentication.
> > >> rlm_mschap: FAILED: MS-CHAP2-Response is incorrect
> > >> modcall[authenticate]: module "mschap" returns reject for request
> 14
> > >>
> > >> This appears to imply that there's no User-Password entry found
> > anywhere
> > >> for the user in the database. This would be correct, as the attribute
> > in
> > >> the radcheck table is set to Cleartext-Password. Anything other than
> > >> Cleartext-Password and freeradius doesn't attempt an auth-type of
> EAP,
> > >> but Local instead, going back to my original problem.
> > >
> > > What does the database contain? Cleartext-Password == password,
> > > or Cleartext-Password := password ?
> > >
> >
> > The database contains Cleartext-Password == password. I've tried it with
> > :=, but if I remember correctly that fails as well, with the Auth-type
> > being set to local again. I'll see if I can get a log of that failure as
> > well, if it'd be helpful?
> >
> > Andrew
> >
> >
> >
> > ------------------------------
> >
> > Message: 3
> > Date: Mon, 10 Sep 2007 10:23:19 +0200 (CEST)
> > From: inelec communication <inelec_communication at yahoo.fr>
> > Subject: RE : LOGs of eap-tls authentication
> > To: FreeRadius users mailing list
> > <freeradius-users at lists.freeradius.org>
> > Message-ID: <60722.76768.qm at web26011.mail.ukl.yahoo.com>
> > Content-Type: text/plain; charset="iso-8859-1"
> >
> > hello,
> > running radius in debug mode doesn't give any log file ,i meen it
> > doesn't give logs in radiusd.log ; if you give me your result when you
> > have rubn radiusd -X -A perhaps i can help
> >
> > regards
> >
> >
> > anoop_c at sifycorp.com a ?crit :
> >
> > Hi 1 I am using eap-tls authentication.My setup is working well
> with
> > certificates. I am unable to get logs of user login ok or denied
> in
> > the radius.log file [root at anoop sbin]# radiusd -X -A Starting -
> > reading configuration files ... reread_config: reading radiusd.conf
> Config:
> > including file: /etc/raddb/proxy.conf Config: including file:
> > /etc/raddb/clients.conf Config: including file:
> > /etc/raddb/snmp.conf Config: including file:
> > /etc/raddb/eap.conf Config: including file: /etc/raddb/sql.conf
> main:
> > prefix = \"/usr/local\" main: localstatedir = \"/usr/local/var\"
> main:
> > logdir = \"/usr/local/var/log/radius\" main: libdir =
> \"/usr/local/lib\"
> > main: radacctdir = \"/usr/local/var/log/radius/radacct\" main:
> > hostname_lookups = no main: snmp = no main: max_request_time = 30
> > main: cleanup_delay = 5 main: max_requests = 1024 main:
> > delete_blocked_requests = 0 main: port = 0 main: allow_core_dumps =
> no
> > main: log_stripped_names
> > = yes main: log_file = \"/usr/local/var/log/radius/radius.log\"
> main:
> > log_auth = yes main: log_auth_badpass = yes main: log_auth_goodpass
> =
> > yes main: pidfile = \"/usr/local/var/run/radiusd/radiusd.pid\" main:
> > user = \"(null)\" main: group = \"(null)\" main: usercollide = no
> > main: lower_user = \"no\" main: lower_pass = \"no\" main:
> nospace_user =
> > \"no\" main: nospace_pass = \"no\" main: checkrad =
> > \"/usr/local/sbin/checkrad\" main: proxy_requests = yes proxy:
> > retry_delay = 5 proxy: retry_count = 3 proxy: synchronous = no
> proxy:
> > default_fallback = yes proxy: dead_time = 120 proxy:
> > post_proxy_authorize = no proxy: wake_all_if_all_dead = no security:
> > max_attributes = 200 security: reject_delay = 1 security:
> status_server
> > = no main: debug_level = 0 read_config_files: reading
> > dictionary read_config_files: reading naslist Using deprecated
> naslist
> > file. Support for this will go away soon. read_config_files: reading
> > clients
> > read_config_files: reading realms radiusd: entering modules
> > setup Module: Library search path is /usr/local/lib Module: Loaded
> exec
> > exec: wait = yes exec: program = \"(null)\" exec: input_pairs =
> > \"request\" exec: output_pairs = \"(null)\" exec: packet_type =
> > \"(null)\" rlm_exec: Wait=yes but no output defined. Did you mean
> > output=none? Module: Instantiated exec (exec) Module: Loaded
> expr Module:
> > Instantiated expr (expr) Module: Loaded System unix: cache = no
> unix:
> > passwd = \"(null)\" unix: shadow = \"(null)\" unix: group =
> \"(null)\"
> > unix: radwtmp = \"/usr/local/var/log/radius/radwtmp\" unix: usegroup =
> > no unix: cache_reload = 600 Module: Instantiated unix (unix) Module:
> > Loaded eap eap: default_eap_type = \"tls\" eap: timer_expire = 60
> eap:
> > ignore_unknown_eap_types = no eap: cisco_accounting_username_bug =
> > no rlm_eap: Loaded and initialized type md5 rlm_eap: Loaded and
> > initialized type leap gtc: challenge = \"Password: \"
> > gtc: auth_type = \"PAP\" rlm_eap: Loaded and initialized type gtc
> tls:
> > rsa_key_exchange = no tls: dh_key_exchange = yes tls: rsa_key_length
> =
> > 512 tls: dh_key_length = 512 tls: verify_depth = 0 tls: CA_path =
> > \"(null)\" tls: pem_file_type = yes tls: private_key_file =
> > \"/etc/1x/07xwifi.pem\" tls: certificate_file =
> \"/etc/1x/07xwifi.pem\"
> > tls: CA_file = \"/etc/1x/root.pem\" tls: private_key_password =
> > \"password\" tls: dh_file = \"/etc/1x/DH\" tls: random_file =
> > \"/etc/1x/random\" tls: fragment_size = 1024 tls: include_length =
> yes
> > tls: check_crl = no tls: check_cert_cn = \"(null)\" tls: cipher_list
> =
> > \"(null)\" tls: check_cert_issuer = \"(null)\" rlm_eap_tls: Loading
> the
> > certificate file as a chain WARNING: rlm_eap_tls: Unable to set DH
> > parameters. DH cipher suites may not work! WARNING: Fix this by
> running
> > the OpenSSL command listed in eap.conf rlm_eap: Loaded and initialized
> > type tls mschapv2: with_ntdomain_hack = no
> > rlm_eap: Loaded and initialized type mschapv2 Module: Instantiated eap
> > (eap) Module: Loaded preprocess preprocess: huntgroups =
> > \"/etc/raddb/huntgroups\" preprocess: hints = \"/etc/raddb/hints\"
> > preprocess: with_ascend_hack = no preprocess: ascend_channels_per_line
> =
> > 23 preprocess: with_ntdomain_hack = no preprocess:
> > with_specialix_jetstream_hack = no preprocess: with_cisco_vsa_hack =
> no
> > preprocess: with_alvarion_vsa_hack = no Module: Instantiated preprocess
> > (preprocess) Module: Loaded realm realm: format = \"suffix\" realm:
> > delimiter = \"@\" realm: ignore_default = no realm: ignore_null =
> > no Module: Instantiated realm (suffix) Module: Loaded files files:
> > usersfile = \"/etc/raddb/users\" files: acctusersfile =
> > \"/etc/raddb/acct_users\" files: preproxy_usersfile =
> > \"/etc/raddb/preproxy_users\" files: compat = \"no\" Module:
> Instantiated
> > files (files) Module: Loaded Acct-Unique-Session-Id acct_unique: key
> =
> > \"User-Name,
> > Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port\" Module:
> > Instantiated acct_unique (acct_unique) Module: Loaded detail detail:
> > detailfile =
> > \"/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d\"
> > detail: detailperm = 384 detail: dirperm = 493 detail: locking =
> > no Module: Instantiated detail (detail) Module: Loaded radutmp
> radutmp:
> > filename = \"/usr/local/var/log/radius/radutmp\" radutmp: username =
> > \"%{User-Name}\" radutmp: case_sensitive = yes radutmp:
> check_with_nas =
> > yes radutmp: perm = 384 radutmp: callerid = yes Module:
> Instantiated
> > radutmp (radutmp) Listening on authentication *:1812 Listening on
> > accounting *:1813 Ready to process requests. 2 I am using
> certificate
> > based authentication so do i need to edit anything in the users
> > file/ Thanks and regards Anoop
> >
> >
> > -
> > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
> >
> >
> > ---------------------------------
> > Ne gardez plus qu'une seule adresse mail ! Copiez vos mails vers Yahoo!
> > Mail
> > -------------- next part --------------
> > An HTML attachment was scrubbed...
> > URL: <
> >
> https://lists.freeradius.org/pipermail/freeradius-users/attachments/20070910/5b02759b/attachment-0001.html
> > >
> >
> > ------------------------------
> >
> > Message: 4
> > Date: Mon, 10 Sep 2007 11:15:58 +0200
> > From: Alan DeKok <aland at deployingradius.com>
> > Subject: Re: Freeradius doesn't detect EAP when authenticating against
> > MySQL
> > To: freeradius at growse.com, FreeRadius users mailing list
> > <freeradius-users at lists.freeradius.org>
> > Message-ID: <46E50B4E.9050407 at deployingradius.com>
> > Content-Type: text/plain; charset=ISO-8859-1
> >
> > Andrew Rowson wrote:
> > > The database contains Cleartext-Password == password. I've tried it
> with
> > > :=, but if I remember correctly that fails as well,
> >
> > Use := for Cleartext-Password.
> >
> > > with the Auth-type
> > > being set to local again. I'll see if I can get a log of that failure
> as
> > > well, if it'd be helpful?
> >
> > No.
> >
> > Upgrade to 1.1.7, I think it solves this problem.
> >
> > Alan DeKok.
> >
> >
> > ------------------------------
> >
> > -
> > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
> >
> >
> > End of Freeradius-Users Digest, Vol 29, Issue 25
> > ************************************************
> >
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> https://lists.freeradius.org/pipermail/freeradius-users/attachments/20070910/a2ffc990/attachment.html
> >
>
> ------------------------------
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
> End of Freeradius-Users Digest, Vol 29, Issue 27
> ************************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20070912/7e4a92d1/attachment.html>
More information about the Freeradius-Users
mailing list