Testing radius server

gera gera at gera.me
Thu Dec 10 20:06:39 CET 2009


Where did you create the user and password cisco?

A copy of your users configuration file would be great

On Thu, Dec 10, 2009 at 12:05 PM, g <gerardocb at gmail.com> wrote:

> Where did you create the user and password cisco?
>
> A copy of your users configuration file would be great.
>
>
> On Thu, Dec 10, 2009 at 11:03 AM, Alex Bahoor <alexbahoor at sbcglobal.net>wrote:
>
>>  Alan,
>>
>> Radius -X is always on, and I went through the clients.conf file. -Xgives a lot information, since you asked here is my understanding. I'm not a
>> programmer so some of them are cryptic to me. I put in comments to what I
>> think they are, but they are only guesses. I would be very thankful if
>> you can shed lights on them.
>>
>> Also, there is file experimental.conf stated in eap.conf, but did not
>> exist. It may have some useful information.
>>
>> root at Crest raddb]# radtest cisco cisco 127.0.0.1 200 testing123
>>
>> Sending Access-Request of id 187 to 127.0.0.1 port 1812
>>
>>         User-Name = "cisco"
>>
>>         User-Password = "cisco"
>>
>>         NAS-IP-Address = 127.0.0.1
>>
>>         NAS-Port = 200
>>
>> rad_recv: Access-Request packet from host 127.0.0.1 port 43663, id=187,
>> length=57
>>
>>         User-Name = "cisco"
>>
>>         User-Password = "cisco"
>>
>>         NAS-IP-Address = 127.0.0.1
>>
>>         NAS-Port = 200
>>
>> +- entering group authorize {...}
>>
>> ++[preprocess] returns ok       ;what is preprocess and what does it do?
>>
>> ++[chap] returns noop   ;I can tell that chap was not selected as aprotocol,
>> right?
>>
>> ++[mschap] returns noop         ;as above
>>
>> [suffix] No '@' in User-Name = "cisco", looking up realm NULL ;why @ is
>> expected in a name or password?
>>
>> [suffix] No such realm "NULL" ;what this mean?
>>
>> ++[suffix] returns noop
>>
>> [eap] No EAP-Message, not doing EAP ;eap is not auth protocol.
>>
>> ++[eap] returns noop
>>
>> ++[unix] returns notfound       ;what is this?
>>
>> ++[files] returns noop          ?
>>
>> ++[expiration] returns noop     ?
>>
>> ++[logintime] returns noop      ?
>>
>> [pap] WARNING! No "known good" password found for the user.
>> Authentication may fail because of this.   ;I do have a password (cisco).
>>
>> ++[pap] returns noop
>>
>> No authenticate method (Auth-Type) configuration found for the request:
>> Rejecting the user              ;this look like authentication protocol
>> is a must before the process can work, however, eap.conf file is there
>> and eap is uncommented out with it’s arguments. ?
>>
>> Failed to authenticate the user.
>>
>> Using Post-Auth-Type Reject
>>
>> +- entering group REJECT {...}
>>
>> [attr_filter.access_reject]     expand: %{User-Name} -> cisco
>>
>>  attr_filter: Matched entry DEFAULT at line 11
>>
>> ++[attr_filter.access_reject] returns updated
>>
>> Delaying reject of request 5 for 1 seconds
>>
>> Going to the next request
>>
>> Waking up in 0.9 seconds.
>>
>> Sending delayed reject for request 5
>>
>> Sending Access-Reject of id 187 to 127.0.0.1 port 43663
>>
>> Waking up in 4.9 seconds.
>>
>> rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=187,
>> length=20
>>
>> [root at Crest raddb]# Cleaning up request 5 ID 187 with timestamp +411
>>
>> Ready to process requests.
>>
>> Rgrds,
>>
>> Alex
>>
>> -----Original Message-----
>> From: freeradius-users-bounces+alexbahoor=sbcglobal.net@
>> lists.freeradius.org [
>> mailto:freeradius-users-bounces+alexbahoor=sbcglobal.net at lists.freeradius.org<freeradius-users-bounces+alexbahoor=sbcglobal.net at lists.freeradius.org>]
>> On Behalf Of Alan Buxey
>> Sent: Thursday, December 10, 2009 2:07 AM
>> To: FreeRadius users mailing list
>> Subject: Re: Testing radius server
>>
>> Hi,
>>
>> > Now I know it's a config issue in the clients.conf, as radtest is
>> failing. I
>>
>> > set user name and password, but radius is sending a reject. This is the
>>
>> > first time I'm using radius. So please bear with me. Can some one mail
>> me
>>
>> > example of the minimum required configuration that needed for the radius
>> to
>>
>> > work, no EAP or MSCAP ..etc.
>>
>> hey, guess what - 'radiusd -X'  this will be far more useful than
>>
>> throwing random recommendations to you.
>>
>> have you followed basic guidance regarding hwo to use clients.conf
>>
>> eg
>>
>> testuser Cleartext-Password := "testpassword"
>>
>> alan
>>
>> -
>>
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
>>
>>
>> __________ Information from ESET NOD32 Antivirus, version of virus
>> signature database 4674 (20091209) __________
>>
>> The message was checked by ESET NOD32 Antivirus.
>>
>> http://www.eset.com
>>
>>
>>
>> __________ Information from ESET NOD32 Antivirus, version of virus
>> signature database 4676 (20091210) __________
>>
>> The message was checked by ESET NOD32 Antivirus.
>>
>> http://www.eset.com
>>
>>
>>
>>
>>
>> __________ Information from ESET NOD32 Antivirus, version of virus
>> signature database 4676 (20091210) __________
>>
>> The message was checked by ESET NOD32 Antivirus.
>>
>> http://www.eset.com
>>
>>
>>
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20091210/64803f40/attachment.html>


More information about the Freeradius-Users mailing list