Clear text password (radius)

Miha Zoubek miha_zoubek at hotmail.com
Thu Dec 2 16:04:59 CET 2010


Hello,
I am trying to get radius working for voip. I am getting this error.
including configuration file /etc/raddb/modules/ntlm_authincluding configuration file /etc/raddb/modules/mac2vlanincluding configuration file /etc/raddb/modules/dynamic_clientsincluding configuration file /etc/raddb/modules/inner-eapincluding configuration file /etc/raddb/modules/detail.example.comincluding configuration file /etc/raddb/modules/expirationincluding configuration file /etc/raddb/modules/unixincluding configuration file /etc/raddb/modules/exprincluding configuration file /etc/raddb/modules/policyincluding configuration file /etc/raddb/modules/sql_logincluding configuration file /etc/raddb/modules/cuiincluding configuration file /etc/raddb/modules/realmincluding configuration file /etc/raddb/modules/radutmpincluding configuration file /etc/raddb/modules/linelogincluding configuration file /etc/raddb/modules/detail.logincluding configuration file /etc/raddb/modules/attr_filterincluding configuration file /etc/raddb/modules/mschapincluding configuration file /etc/raddb/modules/attr_rewriteincluding configuration file /etc/raddb/modules/smbpasswdincluding configuration file /etc/raddb/modules/opendirectoryincluding configuration file /etc/raddb/modules/sradutmpincluding configuration file /etc/raddb/modules/logintimeincluding configuration file /etc/raddb/modules/digestincluding configuration file /etc/raddb/modules/passwdincluding configuration file /etc/raddb/modules/execincluding configuration file /etc/raddb/modules/perlincluding configuration file /etc/raddb/modules/acct_uniqueincluding configuration file /etc/raddb/modules/checkvalincluding configuration file /etc/raddb/modules/otpincluding configuration file /etc/raddb/modules/preprocessincluding configuration file /etc/raddb/modules/detailincluding configuration file /etc/raddb/modules/mac2ipincluding configuration file /etc/raddb/modules/papincluding configuration file /etc/raddb/modules/etc_groupincluding configuration file /etc/raddb/modules/smsotpincluding configuration file /etc/raddb/modules/chapincluding configuration file /etc/raddb/modules/echoincluding configuration file /etc/raddb/modules/wimaxincluding configuration file /etc/raddb/eap.confincluding configuration file /etc/raddb/sql.confincluding configuration file /etc/raddb/sql/mysql/dialup.confincluding configuration file /etc/raddb/policy.confincluding files in directory /etc/raddb/sites-enabled/including configuration file /etc/raddb/sites-enabled/inner-tunnelincluding configuration file /etc/raddb/sites-enabled/control-socketincluding configuration file /etc/raddb/sites-enabled/defaultmain {        user = "radiusd"        group = "radiusd"        allow_core_dumps = no}including dictionary file /etc/raddb/dictionarymain {        prefix = "/usr"        localstatedir = "/var"        logdir = "/var/log/radius"        libdir = "/usr/lib64/freeradius"        radacctdir = "/var/log/radius/radacct"        hostname_lookups = no        max_request_time = 30        cleanup_delay = 5        max_requests = 1024        pidfile = "/var/run/radiusd/radiusd.pid"        checkrad = "/usr/sbin/checkrad"        debug_level = 0        proxy_requests = yes log {        stripped_names = no        auth = no        auth_badpass = no        auth_goodpass = no } security {        max_attributes = 200        reject_delay = 1        status_server = yes }}radiusd: #### Loading Realms and Home Servers #### proxy server {        retry_delay = 5        retry_count = 3        default_fallback = no        dead_time = 120        wake_all_if_all_dead = no } home_server localhost {        ipaddr = 127.0.0.1        port = 1812        type = "auth"        secret = "testing123"        response_window = 20        max_outstanding = 65536        require_message_authenticator = yes        zombie_period = 40        status_check = "status-server"        ping_interval = 30        check_interval = 30        num_answers_to_alive = 3        num_pings_to_alive = 3        revive_interval = 120        status_check_timeout = 4        irt = 2        mrt = 16        mrc = 5        mrd = 30 } home_server_pool my_auth_failover {        type = fail-over        home_server = localhost } realm example.com {        auth_pool = my_auth_failover } realm LOCAL { }radiusd: #### Loading Clients #### client localhost {        ipaddr = 127.0.0.1        require_message_authenticator = no        secret = "testing123"        nastype = "other" } client  xxx.xxx.xxx.xxx {        require_message_authenticator = no        secret = "soft1234"        shortname = "intraswitch" }radiusd: #### Instantiating modules #### instantiate { Module: Linked to module rlm_exec Module: Instantiating module "exec" from file /etc/raddb/modules/exec  exec {        wait = no        input_pairs = "request"        shell_escape = yes  } Module: Linked to module rlm_expr Module: Instantiating module "expr" from file /etc/raddb/modules/expr Module: Linked to module rlm_expiration Module: Instantiating module "expiration" from file /etc/raddb/modules/expiration  expiration {        reply-message = "Password Has Expired  "  } Module: Linked to module rlm_logintime Module: Instantiating module "logintime" from file /etc/raddb/modules/logintime  logintime {        reply-message = "You are calling outside your allowed timespan  "        minimum-timeout = 60  } }radiusd: #### Loading Virtual Servers ####server inner-tunnel { # from file /etc/raddb/sites-enabled/inner-tunnel modules { Module: Checking authenticate {...} for more modules to load Module: Linked to module rlm_pap Module: Instantiating module "pap" from file /etc/raddb/modules/pap  pap {        encryption_scheme = "auto"        auto_header = no  } Module: Linked to module rlm_chap Module: Instantiating module "chap" from file /etc/raddb/modules/chap Module: Linked to module rlm_mschap Module: Instantiating module "mschap" from file /etc/raddb/modules/mschap  mschap {        use_mppe = yes        require_encryption = no        require_strong = no        with_ntdomain_hack = no  } Module: Linked to module rlm_unix Module: Instantiating module "unix" from file /etc/raddb/modules/unix  unix {        radwtmp = "/var/log/radius/radwtmp"  } Module: Linked to module rlm_eap Module: Instantiating module "eap" from file /etc/raddb/eap.conf  eap {        default_eap_type = "md5"        timer_expire = 60        ignore_unknown_eap_types = no        cisco_accounting_username_bug = no        max_sessions = 4096  } Module: Linked to sub-module rlm_eap_md5 Module: Instantiating eap-md5 Module: Linked to sub-module rlm_eap_leap Module: Instantiating eap-leap Module: Linked to sub-module rlm_eap_gtc Module: Instantiating eap-gtc   gtc {        challenge = "Password: "        auth_type = "PAP"   } Module: Linked to sub-module rlm_eap_tls Module: Instantiating eap-tls   tls {        rsa_key_exchange = no        dh_key_exchange = yes        rsa_key_length = 512        dh_key_length = 512        verify_depth = 0        CA_path = "/etc/raddb/certs"        pem_file_type = yes        private_key_file = "/etc/raddb/certs/server.pem"        certificate_file = "/etc/raddb/certs/server.pem"        CA_file = "/etc/raddb/certs/ca.pem"        private_key_password = "whatever"        dh_file = "/etc/raddb/certs/dh"        random_file = "/etc/raddb/certs/random"        fragment_size = 1024        include_length = yes        check_crl = no        cipher_list = "DEFAULT"    cache {        enable = no        lifetime = 24        max_entries = 255    }    verify {    }   } Module: Linked to sub-module rlm_eap_ttls Module: Instantiating eap-ttls   ttls {        default_eap_type = "md5"        copy_request_to_tunnel = no        use_tunneled_reply = no        virtual_server = "inner-tunnel"        include_length = yes   } Module: Linked to sub-module rlm_eap_peap Module: Instantiating eap-peap   peap {        default_eap_type = "mschapv2"        copy_request_to_tunnel = no        use_tunneled_reply = no        proxy_tunneled_request_as_eap = yes        virtual_server = "inner-tunnel"   } Module: Linked to sub-module rlm_eap_mschapv2 Module: Instantiating eap-mschapv2   mschapv2 {        with_ntdomain_hack = no   } Module: Checking authorize {...} for more modules to load Module: Linked to module rlm_realm Module: Instantiating module "suffix" from file /etc/raddb/modules/realm  realm suffix {        format = "suffix"        delimiter = "@"        ignore_default = no        ignore_null = no  } Module: Linked to module rlm_files Module: Instantiating module "files" from file /etc/raddb/modules/files  files {        usersfile = "/etc/raddb/users"        acctusersfile = "/etc/raddb/acct_users"        preproxy_usersfile = "/etc/raddb/preproxy_users"        compat = "no"  } Module: Checking session {...} for more modules to load Module: Linked to module rlm_radutmp Module: Instantiating module "radutmp" from file /etc/raddb/modules/radutmp  radutmp {        filename = "/var/log/radius/radutmp"        username = "%{User-Name}"        case_sensitive = yes        check_with_nas = yes        perm = 384        callerid = yes  } Module: Checking post-proxy {...} for more modules to load Module: Checking post-auth {...} for more modules to load Module: Linked to module rlm_attr_filter Module: Instantiating module "attr_filter.access_reject" from file /etc/raddb/modules/attr_filter  attr_filter attr_filter.access_reject {        attrsfile = "/etc/raddb/attrs.access_reject"        key = "%{User-Name}"  } } # modules} # serverserver { # from file /etc/raddb/radiusd.conf modules { Module: Checking authenticate {...} for more modules to load Module: Linked to module rlm_digest Module: Instantiating module "digest" from file /etc/raddb/modules/digest Module: Checking authorize {...} for more modules to load Module: Linked to module rlm_preprocess Module: Instantiating module "preprocess" from file /etc/raddb/modules/preprocess  preprocess {        huntgroups = "/etc/raddb/huntgroups"        hints = "/etc/raddb/hints"        with_ascend_hack = no        ascend_channels_per_line = 23        with_ntdomain_hack = no        with_specialix_jetstream_hack = no        with_cisco_vsa_hack = no        with_alvarion_vsa_hack = no  } Module: Linked to module rlm_sql Module: Instantiating module "sql" from file /etc/raddb/sql.conf  sql {        driver = "rlm_sql_mysql"        server = "localhost"        port = ""        login = "root"        password = "soft1234"        radius_db = "radius"        read_groups = yes        sqltrace = no        sqltracefile = "/var/log/radius/sqltrace.sql"        readclients = no        deletestalesessions = yes        num_sql_socks = 5        lifetime = 0        max_queries = 0        sql_user_name = "%{User-Name}"        default_user_profile = ""        nas_query = "SELECT id, nasname, shortname, type, secret, server FROM nas"        authorize_check_query = "SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id"        authorize_reply_query = "SELECT id, username, attribute, value, op           FROM radreply           WHERE username = '%{SQL-User-Name}'           ORDER BY id"        authorize_group_check_query = "SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id"        authorize_group_reply_query = "SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id"        accounting_onoff_query = "          UPDATE radacct           SET              acctstoptime       =  '%S',              acctsessiontime    =  unix_timestamp('%S') -                                    unix_timestamp(acctstarttime),              acctterminatecause =  '%{Acct-Terminate-Cause}',              acctstopdelay      =  %{%{Acct-Delay-Time}:-0}           WHERE acctstoptime IS NULL           AND nasipaddress      =  '%{NAS-IP-Address}'           AND acctstarttime     <= '%S'"        accounting_update_query = "           UPDATE radacct           SET              framedipaddress = '%{Framed-IP-Address}',              acctsessiontime     = '%{Acct-Session-Time}',              acctinputoctets     = '%{%{Acct-Input-Gigawords}:-0}'  << 32 |                                    '%{%{Acct-Input-Octets}:-0}',              acctoutputoctets    = '%{%{Acct-Output-Gigawords}:-0}' << 32 |                                    '%{%{Acct-Output-Octets}:-0}'           WHERE acctsessionid = '%{Acct-Session-Id}'           AND username        = '%{SQL-User-Name}'           AND nasipaddress    = '%{NAS-IP-Address}'"        accounting_update_query_alt = "           INSERT INTO radacct             (acctsessionid,    acctuniqueid,      username,              realm,            nasipaddress,      nasportid,              nasporttype,      acctstarttime,     acctsessiontime,              acctauthentic,    connectinfo_start, acctinputoctets,              acctoutputoctets, calledstationid,   callingstationid,              servicetype,      framedprotocol,    framedipaddress,              acctstartdelay,   xascendsessionsvrkey)           VALUES             ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',              '%{SQL-User-Name}',              '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}',              '%{NAS-Port-Type}',              DATE_SUB('%S',                       INTERVAL (%{%{Acct-Session-Time}:-0} +                                 %{%{Acct-Delay-Time}:-0}) SECOND),                       '%{Acct-Session-Time}',              '%{Acct-Authentic}', '',              '%{%{Acct-Input-Gigawords}:-0}' << 32 |              '%{%{Acct-Input-Octets}:-0}',              '%{%{Acct-Output-Gigawords}:-0}' << 32 |              '%{%{Acct-Output-Octets}:-0}',              '%{Called-Station-Id}', '%{Calling-Station-Id}',              '%{Service-Type}', '%{Framed-Protocol}',              '%{Framed-IP-Address}',              '0', '%{X-Ascend-Session-Svr-Key}')"        accounting_start_query = "           INSERT INTO radacct             (acctsessionid,    acctuniqueid,     username,              realm,            nasipaddress,     nasportid,              nasporttype,      acctstarttime,    acctstoptime,              acctsessiontime,  acctauthentic,    connectinfo_start,              connectinfo_stop, acctinputoctets,  acctoutputoctets,              calledstationid,  callingstationid, acctterminatecause,              servicetype,      framedprotocol,   framedipaddress,              acctstartdelay,   acctstopdelay,    xascendsessionsvrkey)           VALUES             ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',              '%{SQL-User-Name}',              '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}',              '%{NAS-Port-Type}', '%S', NULL,              '0', '%{Acct-Authentic}', '%{Connect-Info}',              '', '0', '0',              '%{Called-Station-Id}', '%{Calling-Station-Id}', '',              '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}',              '%{%{Acct-Delay-Time}:-0}', '0', '%{X-Ascend-Session-Svr-Key}')"        accounting_start_query_alt = "           UPDATE radacct SET              acctstarttime     = '%S',              acctstartdelay    = '%{%{Acct-Delay-Time}:-0}',              connectinfo_start = '%{Connect-Info}'           WHERE acctsessionid  = '%{Acct-Session-Id}'           AND username         = '%{SQL-User-Name}'           AND nasipaddress     = '%{NAS-IP-Address}'"        accounting_stop_query = "           UPDATE radacct SET              acctstoptime       = '%S',              acctsessiontime    = '%{Acct-Session-Time}',              acctinputoctets    = '%{%{Acct-Input-Gigawords}:-0}' << 32 |                                   '%{%{Acct-Input-Octets}:-0}',              acctoutputoctets   = '%{%{Acct-Output-Gigawords}:-0}' << 32 |                                   '%{%{Acct-Output-Octets}:-0}',              acctterminatecause = '%{Acct-Terminate-Cause}',              acctstopdelay      = '%{%{Acct-Delay-Time}:-0}',              connectinfo_stop   = '%{Connect-Info}'           WHERE acctsessionid   = '%{Acct-Session-Id}'           AND username          = '%{SQL-User-Name}'           AND nasipaddress      = '%{NAS-IP-Address}'"        accounting_stop_query_alt = "           INSERT INTO radacct             (acctsessionid, acctuniqueid, username,              realm, nasipaddress, nasportid,              nasporttype, acctstarttime, acctstoptime,              acctsessiontime, acctauthentic, connectinfo_start,              connectinfo_stop, acctinputoctets, acctoutputoctets,              calledstationid, callingstationid, acctterminatecause,              servicetype, framedprotocol, framedipaddress,              acctstartdelay, acctstopdelay)           VALUES             ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',              '%{SQL-User-Name}',              '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}',              '%{NAS-Port-Type}',              DATE_SUB('%S',                  INTERVAL (%{%{Acct-Session-Time}:-0} +                  %{%{Acct-Delay-Time}:-0}) SECOND),              '%S', '%{Acct-Session-Time}', '%{Acct-Authentic}', '',              '%{Connect-Info}',              '%{%{Acct-Input-Gigawords}:-0}' << 32 |              '%{%{Acct-Input-Octets}:-0}',              '%{%{Acct-Output-Gigawords}:-0}' << 32 |              '%{%{Acct-Output-Octets}:-0}',              '%{Called-Station-Id}', '%{Calling-Station-Id}',              '%{Acct-Terminate-Cause}',              '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}',              '0', '%{%{Acct-Delay-Time}:-0}')"        group_membership_query = "SELECT groupname           FROM radusergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority"        connect_failure_retry_delay = 60        simul_count_query = ""        simul_verify_query = "SELECT radacctid, acctsessionid, username,                                nasipaddress, nasportid, framedipaddress,                                callingstationid, framedprotocol                                FROM radacct                                WHERE username = '%{SQL-User-Name}'                                AND acctstoptime IS NULL"        postauth_query = "INSERT INTO radpostauth                           (username, pass, reply, authdate)                           VALUES (                           '%{User-Name}',                           '%{%{User-Password}:-%{Chap-Password}}',                           '%{reply:Packet-Type}', '%S')"        safe-characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"  }rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linkedrlm_sql (sql): Attempting to connect to root at localhost:/radiusrlm_sql (sql): starting 0rlm_sql (sql): Attempting to connect rlm_sql_mysql #0rlm_sql_mysql: Starting connect to MySQL server for #0rlm_sql (sql): Connected new DB handle, #0rlm_sql (sql): starting 1rlm_sql (sql): Attempting to connect rlm_sql_mysql #1rlm_sql_mysql: Starting connect to MySQL server for #1rlm_sql (sql): Connected new DB handle, #1rlm_sql (sql): starting 2rlm_sql (sql): Attempting to connect rlm_sql_mysql #2rlm_sql_mysql: Starting connect to MySQL server for #2rlm_sql (sql): Connected new DB handle, #2rlm_sql (sql): starting 3rlm_sql (sql): Attempting to connect rlm_sql_mysql #3rlm_sql_mysql: Starting connect to MySQL server for #3rlm_sql (sql): Connected new DB handle, #3rlm_sql (sql): starting 4rlm_sql (sql): Attempting to connect rlm_sql_mysql #4rlm_sql_mysql: Starting connect to MySQL server for #4rlm_sql (sql): Connected new DB handle, #4 Module: Checking preacct {...} for more modules to load Module: Linked to module rlm_acct_unique Module: Instantiating module "acct_unique" from file /etc/raddb/modules/acct_unique  acct_unique {        key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"  } Module: Checking accounting {...} for more modules to load Module: Linked to module rlm_detail Module: Instantiating module "detail" from file /etc/raddb/modules/detail  detail {        detailfile = "/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"        header = "%t"        detailperm = 384        dirperm = 493        locking = no        log_packet_header = no  } Module: Instantiating module "attr_filter.accounting_response" from file /etc/raddb/modules/attr_filter  attr_filter attr_filter.accounting_response {        attrsfile = "/etc/raddb/attrs.accounting_response"        key = "%{User-Name}"  } Module: Checking session {...} for more modules to load Module: Checking post-proxy {...} for more modules to load Module: Checking post-auth {...} for more modules to load } # modules} # serverradiusd: #### Opening IP addresses and Ports ####listen {        type = "auth"        ipaddr = *        port = 0}listen {        type = "acct"        ipaddr = *        port = 0}listen {        type = "control" listen {        socket = "/var/run/radiusd/radiusd.sock" }}listen {        type = "auth"        ipaddr = 127.0.0.1        port = 18120}Listening on authentication address * port 1812Listening on accounting address * port 1813Listening on command file /var/run/radiusd/radiusd.sockListening on authentication address 127.0.0.1 port 18120 as server inner-tunnelListening on proxy address * port 1814Ready to process requests.rad_recv: Access-Request packet from host xxx.xxx.xxx.xxx port 51738, id=152, length=206        Acct-Multi-Session-Id = "1291302052682"        Cisco-Attr-130 = 0x683332332d63616c6c696e672d656e74657270726973652d69643d656e74504258        Calling-Station-Id = "81609000"        NAS-Identifier = "intraswitch"        NAS-IP-Address = 212.13.228.58        3GPP2-Prepaid-acct-Capability = 0x010600000002        3GPP2-Session-Termination-Capability = 1        h323-conf-id = "h323-conf-id=1291302052682"        Vendor-Specific = 0x00000009        Event-Timestamp = "Dec  2 2010 16:00:52 CET"        User-Name = "081609000"        User-Password = "\205;m\353\177\275i\027\231\216\34158n\037\233"# Executing section authorize from file /etc/raddb/sites-enabled/default+- entering group authorize {...}++[preprocess] returns ok++[chap] returns noop++[mschap] returns noop++[digest] returns noop[sql]   expand: %{User-Name} -> 081609000[sql] sql_set_user escaped user --> '081609000'rlm_sql (sql): Reserving sql socket id: 4[sql]   expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '081609000'           ORDER BY id[sql] User found in radcheck table[sql]   expand: SELECT id, username, attribute, value, op           FROM radreply           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radreply           WHERE username = '081609000'           ORDER BY id[sql]   expand: SELECT groupname           FROM radusergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM radusergroup           WHERE username = '081609000'           ORDER BY priority[sql]   expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'static'           ORDER BY id[sql] User found in group static[sql]   expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'static'           ORDER BY idrlm_sql (sql): Released sql socket id: 4++[sql] returns ok[suffix] No '@' in User-Name = "081609000", looking up realm NULL[suffix] No such realm "NULL"++[suffix] returns noop[eap] No EAP-Message, not doing EAP++[eap] returns noop++[unix] returns notfound[sql]   expand: %{User-Name} -> 081609000[sql] sql_set_user escaped user --> '081609000'rlm_sql (sql): Reserving sql socket id: 3[sql]   expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '081609000'           ORDER BY id[sql] User found in radcheck table[sql]   expand: SELECT id, username, attribute, value, op           FROM radreply           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radreply           WHERE username = '081609000'           ORDER BY id[sql]   expand: SELECT groupname           FROM radusergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM radusergroup           WHERE username = '081609000'           ORDER BY priority[sql]   expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = 'static'           ORDER BY id[sql] User found in group static[sql]   expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = 'static'           ORDER BY idrlm_sql (sql): Released sql socket id: 3++[sql] returns ok++[expiration] returns noop++[logintime] returns noop++[pap] returns updatedFound Auth-Type = PAP# Executing group from file /etc/raddb/sites-enabled/default+- entering group PAP {...}[pap] login attempt with password "?;më½i???á58n??"[pap] Using CRYPT password "1234"[pap] Passwords don't match++[pap] returns rejectFailed to authenticate the user.  WARNING: Unprintable characters in the password.        Double-check the shared secret on the server and the NAS!Using Post-Auth-Type Reject# Executing group from file /etc/raddb/sites-enabled/default+- entering group REJECT {...}[attr_filter.access_reject]     expand: %{User-Name} -> 081609000 attr_filter: Matched entry DEFAULT at line 11++[attr_filter.access_reject] returns updatedDelaying reject of request 0 for 1 secondsGoing to the next requestWaking up in 0.9 seconds.Sending delayed reject for request 0Sending Access-Reject of id 152 to xxx.xxx.xxx.xxx 8 port 51738Waking up in 4.9 seconds.rad_recv: Access-Request packet from host  xxx.xxx.xxx.xxx port 51738, id=152, length=206Sending duplicate reply to client intraswitch port 51738 - ID: 152Sending Access-Reject of id 152 to  xxx.xxx.xxx.xxx port 51738Waking up in 4.9 seconds.Cleaning up request 0 ID 152 with timestamp +15Ready to process requests.

Please help me!
Thanks! 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20101202/1b826a80/attachment.html>


More information about the Freeradius-Users mailing list