radclient from xtradius always fail?

Stephane Bortzmeyer bortzmeyer at nic.fr
Mon Jan 28 16:11:53 CET 2008 

I configured a FreeRadius server and tested it with FreeRadius'
radclient. It works.

However, when I try the radclient from xtradius, I always get an
access denied. I think that FreeRadius is supposed to work with other
Radius implementations :-) so there is something strange.

With FreeRadius's radclient:

% echo "User-Name = bortzmeyer\nUser-Password = theuserpassword" | radclient jezabel auth mysharedsecret
Received response ID 181, code 2, length = 44
        Service-Type = Framed-User
        Framed-Protocol = PPP
...

With xtradius' radclient, same client machine:

% echo "User-Name = bortzmeyer\nUser-Password = theuserpassword" | radclient jezabel auth mysharedsecret
Sending request to server jezabel, port 1812.
Warning: Received invalid reply digest from server
radrecv: Packet from host 10.1.82.2 code=3, id=13, length=20
Access denied.

And, on the FreeRadius server, when it fails:

rad_recv: Access-Request packet from host 10.1.82.1:32774, id=13, length=50
        User-Name = "bortzmeyer"
        User-Password = "\274\016N\002\363\206\206a&.P06\270\363\335"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  modcall[authorize]: module "preprocess" returns ok for request 0
  modcall[authorize]: module "chap" returns noop for request 0
  modcall[authorize]: module "mschap" returns noop for request 0
    rlm_realm: No '@' in User-Name = "bortzmeyer", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 0
  rlm_eap: No EAP-Message, not doing EAP
  modcall[authorize]: module "eap" returns noop for request 0
    users: Matched entry bortzmeyer at line 52
  modcall[authorize]: module "files" returns ok for request 0
  modcall[authorize]: module "pap" returns updated for request 0
modcall: leaving group authorize (returns updated) for request 0
  rad_check_password:  Found Auth-Type pap
auth: type "PAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group PAP for request 0
rlm_pap: login attempt with password ¼?N?ó??a&.P06¸óÝ
rlm_pap: Using clear text password "theuserpassword".
rlm_pap: Passwords don't match
  modcall[authenticate]: module "pap" returns reject for request 0
modcall: leaving group PAP (returns reject) for request 0
auth: Failed to validate the user.
  WARNING: Unprintable characters in the password. ?  Double-check the shared secret on the server and the NAS!

The clients.conf config:

client lilith.generic-nic.net {
    secret = mysharedsecret
    shortname = lilith
    nastype = other
}

More information about the Freeradius-Users mailing list