MAC Auth (new problem)

Nataniel Klug nata at cnett.com.br
Mon Dec 15 19:31:44 CET 2008 

    Hello all,

    A new problem on my Radius tryout... Now I cant authorize my MAC 
clients. This is how it gets into my server:

Listening on authentication address 172.30.0.27 port 1812 as server ppp
Listening on accounting address 172.30.0.27 port 1813 as server ppp
Listening on authentication address 172.30.0.27 port 1814 as server proxim
Ready to process requests.
rad_recv: Access-Request packet from host 172.30.0.165 port 6001, id=3, 
length=69
        User-Name = "00:19:79:0F:98:3D"
        User-Password = "cnett1298"
        NAS-IP-Address = 172.30.0.165
        NAS-Port = 0
server proxim {
+- entering group authorize {...}
++[preprocess] returns ok
[suffix] No '@' in User-Name = "00:19:79:0F:98:3D", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[sql_ap2000]    expand: %{User-Name} -> 00:19:79:0F:98:3D
[sql_ap2000] sql_set_user escaped user --> '00:19:79:0F:98:3D'
rlm_sql (sql_ap2000): Reserving sql socket id: 4
[sql_ap2000]    expand: SELECT id, username, attribute, value, 
op           FROM radcheck           WHERE value = 
'%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, 
attribute, value, op           FROM radcheck           WHERE value = 
'00:19:79:0F:98:3D'           ORDER BY id
[sql_ap2000]    expand: SELECT groupname           FROM 
usergroup           WHERE username = '%{SQL-User-Name}'           ORDER 
BY priority -> SELECT groupname           FROM usergroup           WHERE 
username = '00:19:79:0F:98:3D'           ORDER BY priority
rlm_sql (sql_ap2000): Released sql socket id: 4
[sql_ap2000] User 00:19:79:0F:98:3D not found
++[sql_ap2000] returns notfound
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user.  
Authentication may fail because of this.
++[pap] returns noop
No authenticate method (Auth-Type) configuration found for the request: 
Rejecting the user
Failed to authenticate the user.
Login incorrect: [00:19:79:0F:98:3D/cnett1298] (from client ap2000 port 0)
} # server proxim
Delaying reject of request 0 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 0
Sending Access-Reject of id 3 to 172.30.0.165 port 6001
Waking up in 4.9 seconds.
Cleaning up request 0 ID 3 with timestamp +29
Ready to process requests.

    This user (MAC) exists and its in radcheck like this:

mysql> SELECT * FROM radcheck WHERE Username="marmatec";
+------+----------+--------------------+----+-------------------+--------+------+
| id   | UserName | Attribute          | op | Value             | numero 
| obs  |
+------+----------+--------------------+----+-------------------+--------+------+
|  796 | marmatec | Cleartext-Password | := | 654321            | 00923  
|      |
| 1886 | marmatec | Calling-Station-Id | == | 00:19:79:0F:98:3D | 00923  
| NULL |
+------+----------+--------------------+----+-------------------+--------+------+

    On mysql/sql/ap2000.conf (copy of dialup.conf file) I just changed 
this on authorize section:

          WHERE value = '%{SQL-User-Name}' \

    I really don't know how to make this work. Can someone help me?

-- 
Att,

NATANIEL KLUG
nata at cnett.com.br

LEIA O DIA-A-DIA DO NATA
http://nataklug.blogspot.com/

Cyber Nett - Internet Banda Larga
www.cnett.com.br
(42) 3635-2957
Rua Diogo Pinto, 1046, Centro
Laranjeiras do Sul - PR
Brasil - 85301-290

"... também os sábios possuem coração tangível e podem, por vezes, usar da ciência como meio de demonstrar impressões sentimentais de que muitos não os julgam suscetíveis."
Visconde de Taunay

More information about the Freeradius-Users mailing list