Freeradius not always denying invalid users

Chris Moss cmoss28 at vci.net
Thu Sep 4 16:13:23 CEST 2008


No, cache was not enabled. Just a thought on the denying, I thought 
maybe it just couldn't get a good result one way or the other so it 
would just allow it. Any other thoughts on would could be causing this 
issue? Like I said this only seems to be happening on dsl customers that 
constantly try to connect. Is there any other logs, configs, etc that 
would be of any help? I will try to get a debug of one that doesn't 
behave properly. Is there a way to make that debug log to the log file. 
So far it only outputs to terminal and it's very hard to capture it 
there, it it's in a log I should be able to get something worthwhile.

Chris Moss




Alan DeKok wrote:
> Chris Moss wrote:
>   
>> We are running version 1.1.3. We do have thousands of users in the
>> passwd file, could that have something to do with it? 
>>     
>
>   Maybe.  Did you enable "cache" in the "unix" module?  If so, have you
> disabled it?
>
>   
>> Is there a way to
>> tell the radius server that if it can't authenticate to deny it.
>>     
>
>   Huh?  If the server can't authenticate the user, it denies the user.
> Always.
>
>   
>> I'm
>> wondering if the OS itself is getting overloaded causing this.
>>     
>
>   No.
>
>   Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
> .
>
>   
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080904/1068ec08/attachment.html>


More information about the Freeradius-Users mailing list