Free Radius users record samples for SmartEdge router subcriberauthentication.
Elias Abou Zeid
elias.abou.zeid at ericsson.com
Tue Jun 16 21:27:51 CEST 2009
Ok gentlmen,
Sorry for the :=, == confusion. I was doing it right using ==.
So now I have:
abc at RADIUS User-Password == "test"
Service-Type = Framed-User,
Framed-Protocol = PPP
Now after enabling the radius -X, I get:
rad_recv: Access-Request packet from host 10.205.1.1:1812, id=53,
length=187
User-Name = "abc at RADIUS"
User-Password = "\361\305\244qY\303.N\331o\200>\027\236L\340"
Service-Type = Framed-User
Framed-Protocol = PPP
NAS-Identifier = "Quiet"
NAS-Port = 167903232
NAS-Real-Port = 2717909092
NAS-Port-Type = Virtual
NAS-Port-Id = "10/2 vlan-id 100 pppoe 342"
Medium-Type = DSL
Mac-Addr = "00-0c-29-10-12-c3"
Platform-Type = SmartEdge-800
OS-Version = "6.1.2.6p9"
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 2
modcall[authorize]: module "preprocess" returns ok for request 2
radius_xlat:
'/usr/local/var/log/radius/radacct/10.205.1.1/auth-detail-20090616'
rlm_detail:
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%
d expands to
/usr/local/var/log/radius/radacct/10.205.1.1/auth-detail-20090616
modcall[authorize]: module "auth_log" returns ok for request 2
modcall[authorize]: module "chap" returns noop for request 2
modcall[authorize]: module "mschap" returns noop for request 2
rlm_realm: Looking up realm "RADIUS" for User-Name = "abc at RADIUS"
rlm_realm: No such realm "RADIUS"
modcall[authorize]: module "suffix" returns noop for request 2
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 2
users: Matched entry DEFAULT at line 152
users: Matched entry DEFAULT at line 171
users: Matched entry DEFAULT at line 183
modcall[authorize]: module "files" returns ok for request 2
modcall: leaving group authorize (returns ok) for request 2
rad_check_password: Found Auth-Type System
auth: type "System"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 2
modcall[authenticate]: module "unix" returns notfound for request 2
modcall: leaving group authenticate (returns notfound) for request 2
auth: Failed to validate the user.
Login incorrect:
[abc at RADIUS/\361\305\244qY\303.N\331o\200>\027\236L\340] (from client
SE-Quiet port 167903232)
WARNING: Unprintable characters in the password. ? Double-check the
shared secret on the server and the NAS!
So it seems the password radius is receiving is different that what I am
giving. I checked the shared secret between server and NAS, it matches!
I am not sure why ?
Elias
-----Original Message-----
From:
freeradius-users-bounces+elias.abou.zeid=ericsson.com at lists.freeradius.o
rg
[mailto:freeradius-users-bounces+elias.abou.zeid=ericsson.com at lists.free
radius.org] On Behalf Of Alan DeKok
Sent: June-16-09 11:44 AM
To: FreeRadius users mailing list
Subject: Re: Free Radius users record samples for SmartEdge router
subcriberauthentication.
Elias Abou Zeid wrote:
> I am trying a simple authenticate pppoe subscriber in radius server (v
> 1.188.2.4.2.11)
That's a CVS revision string. If it's in the binary you have, you're
running 1.1.x. Your server is more than 2 years out of date.
> for subscribers coming through Redback SmartEdge 800 router. As I am
> new to this I am looked for some examples for users configuration on
> RADIUS but could not find.
Version 2.1 has greatly improved documentation, including many
examples.
> I have tried something out
> but seems missing certain stuff:
>
> abc Auth-Type := Local, Password == "passwd"
In 1.1.7:
abs Cleartext-Password := "passwd"
Don't set Auth-Type.
> Service-Type = Framed-User,
> Framed-Protocol = PPP,
> Bind_Auth_Context = RADIUS
>
> Thanks for refering me to some examples.
And what does the server say when you run it with "radiusd -X"? This
is in the FAQ, README, "man" page, and nearly daily on this list.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list