FreeRadius 2.0.4 - problems with LDAP and Sonicwall...

aprotector aprotector at
Thu May 29 21:34:11 CEST 2008

I've been trying to get my freeradius server to work with an Netscape LDAP
server and authenticate users when they connect via VPN to our Sonicwall
gateway. I have set the Sonicwall as a client so the radius recognizes it
and then adjusted the radiusd.conf. However, when I try to authenticate an
LDAP user from the sonicwall it will say the authentication failed and the
radius shows the following messages:

---------- (running in radiusd -X)
        User-Name = "testuser"
        User-Password = "testing"
        NAS-IP-Address = sonicwallIP
        NAS-Port = 0
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
    rlm_realm: No '@' in User-Name = "testuser", looking up realm NULL
    rlm_realm: No such realm "NULL"
++[suffix] returns noop
  rlm_eap: No EAP-Message, not doing EAP
++[eap] returns noop
++[unix] returns notfound
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
rlm_pap: WARNING! No "known good" password found for the user. 
Authentication may fail because of this.
++[pap] returns noop
auth: No authenticate method (Auth-Type) configuration found for the
request: Rejecting the user
auth: Failed to validate the user.
Login incorrect: [testuser/testing] (from client sonicwall port 0)
  Found Post-Auth-Type Reject
+- entering group REJECT
        expand: %{User-Name} -> testuser
 attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 0 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 0
Waking up in 4.9 seconds.


If I uncomment a local user account on the Radius box and then try
authenticating from the Sonicwall with this it will succeed. It just doesn't
seem to want to go to the LDAP server and then back to the Sonicwall. Has
anyone had any experience with this sort of setup, and might be able to shed
some light on how I can set it up to use LDAP for the authentication? 
View this message in context:
Sent from the FreeRadius - User mailing list archive at

More information about the Freeradius-Users mailing list