Problem in connecting to switch on telnet

Ivan Kalik tnt at kalik.net
Fri Jun 13 16:38:57 CEST 2008


You are setting up the wrong authentication type. Remove Auth-Type
=System from user configuration.

1.1.3 is old. I am not sure do you need to set Auth-Type there. If it
doesn't work without it set Auth-Type = Local.

Ivan Kalik
Kalik Informatika ISP


Dana 13/6/2008, "Guk Viktor" <v.guk at zaz.zp.ua> piše:

>
>
>
>  
>
>
>Hello,
>
>I have freeradius-1.1.3 and 3com switch 5500-EI. On the
>switch is disposed the access of users into the network through
>freeradius. Arose problem in
>connecting to switch on telnet. In the log freeradius it is indicated
>that the incorrect password (however password I introduce correctly).
>
>rad_recv: Access-Request packet from host 10.0.1.2:5007, id=1,
>length=203
>        User-Name = "admin"
>        User-Password = "admin"
>        NAS-IP-Address = 10.0.1.2
>        NAS-Identifier = "001ac1d4ee42"
>        NAS-Port = 117612545
>        NAS-Port-Id = "unit=7;subslot=0;port=42;vlanid=1"
>        NAS-Port-Type = Ethernet
>        Service-Type = Login-User
>        Login-IP-Host = 10.0.1.2
>        Calling-Station-Id = "0000-0000-0000"
>        Framed-IP-Address = 10.0.1.100
>        Vendor-25506-Attr-26 = 0x00000003
>        Vendor-25506-Attr-255 = 0x353530302d4549
>        Vendor-25506-Attr-60 =
>0x31302e302e312e3130302030303a30303a30303a30303a30303a3030
>        Vendor-25506-Attr-59 = 0x38e68c68
>  Processing the authorize section of radiusd.conf
>modcall: entering group authorize for request 0
>  modcall[authorize]: module "mschap" returns noop for request 0
>    rlm_realm: No '\' in User-Name = "admin", looking up realm NULL
>    rlm_realm: No such realm "NULL"
>  modcall[authorize]: module "ntdomain" returns noop for request 0
>  rlm_eap: No EAP-Message, not doing EAP
>  modcall[authorize]: module "eap" returns noop for request 0
>    users: Matched entry DEFAULT at line 152
>    users: Matched entry admin at line 216
>  modcall[authorize]: module "files" returns ok for request 0
>modcall: leaving group authorize (returns ok) for request 0
>  rad_check_password:  Found Auth-Type System
>auth: type "System"
>  Processing the authenticate section of
>radiusd.conf
>modcall: entering group authenticate for request 0
>  modcall[authenticate]: module "unix" returns notfound for request 0
>modcall: leaving group authenticate (returns notfound) for request 0
>auth: Failed to validate the user.
>Login incorrect: [admin/admin] (from
>client 10.0.1.2 port 117612545 cli 0000-0000-0000)
>Delaying request 0 for 1 seconds
>Finished request 0
>
>Users:
>admin   Auth-Type = System, User-Password == "admin"
>       3Com-User-Access-Level = Administrator
>
>eap.conf:
>eap{
>    default_eap_type = peap
>    timer_expire = 60
>    ignore_unknown_eap_type = no
>    cisco_accounting_username_bug = no
>    
>    md5{
>       }
>
>    leap{
>       }
>
>    gtc{
>       auth_type = PAP
>       }
>
>    peap{
>       default_eap_type = mschapv2
>       use_tunneled_reply = yes
>       }
>
>    mschapv2{
>       }
>    }
>
>It can possibly use a local authorization to switch on telnet,
>without freeradius.
>
>Viktor Guk
>
>
>
>
>




More information about the Freeradius-Users mailing list