huntgroups are failing auth - missing Chap Password
Terry Pelley
Terry.Pelley at ocdsb.ca
Fri May 9 15:09:49 CEST 2008
OK,
I must be missing something here, likely due to my limited experience with
FreeRADIUS. After re-reading the instructions in the users file the only
thing I can see that is relevant when using huntgroups is an entry for a
user that has no User-Password attribute assigned which I assume means
that the default Auth-Type System will kick in and look the password up in
an other file someplace. What I don't know is the location of this file
and how to go about adding the password for my users.
Is the use of a huntgroups file the best way for me to accomplish what I
am trying to do? I want to limit user Bob so that he can only login from
one specific access point.
Thanks for the previous advice and in advance for any more.
BTW: Sorry if this posting has broken the original thread.
>Read instructions in users file about which password attribute should you
>be using. User-Password is wrong for 1.1.7.
>
>Ivan Kalik
>Kalik Informatika ISP
>
>
>Dana 14/9/2007, "Terry Pelley" <Terry.Pelley at ocdsb.ca> pie:
>
>FreeRADIUS Version 1.1.7
>
>I am using the FreeRADIUS.net Windows version of the software. at least
>for the time being.
>
>I am trying to set up a very basic single user account for a very specific
>purpose and have created the account as follows.
>
>hunttest User-Password == "hunttest", Huntgroup-Name == "hunttest"
>
>My huntgroups file has a huntgroup called hunttest with a single NAS IP
>Address listed as follows.
>
>public NAS-IP-Address == 10.252.9.2
>
>when the user huntest attempts to authenticate it fails. My RADIUS Log
>shows the following entry.
>
>Wed May 7 15:07:25 2008 : Auth: Login incorrect (rlm_chap: Clear text
>password not available): [hunttest/<CHAP-Password>] (from client NAS04
>port 5 cli 00-1E-8C-0E-8E-70)
>Wed May 7 15:07:25 2008 : Auth: Login incorrect (rlm_chap: Clear text
>password not available): [hunttest/<CHAP-Password>] (from client NAS04
>port 5 cli 00-1E-8C-0E-8E-70)
>
>Can some one tell me what is wrong. I am simply trying to create a config
>that will allow the user hunttest to authenticate only if the request
>comes from the client NAS04. Perhaps a huntgroup is not the best way to do
>this.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080509/528c51f7/attachment.html>
More information about the Freeradius-Users
mailing list