How to make an open auth realm?
Marcin S.
redark at tlen.pl
Wed Feb 10 15:37:38 CET 2010
Hello
I want to ask if you succeeded in making open auth?
I want to let in users without passwords or with incorrect pass, users
without account in my database too.
I have add to my sql.conf lines that give something like this when there
is no such user in databese:
authorize_check_query = "call rad1('%{User-Name}');" gives
+-----+----------+-----------+--------+----+
| id | UserName | Attribute | Value | op |
+-----+----------+-----------+--------+----+
| 001 | someone | Auth-Type | Accept | == |
+-----+----------+-----------+--------+----+
authorize_reply_query = "call rad2('%{User-Name}');"
+-----+----------+---------------------+-----------------+----+
| id | UserName | Attribute | Value | op |
+-----+----------+---------------------+-----------------+----+
| 001 | someone | Framed-IP-Address | 192.168.4.200 | := |
| 001 | someone | Framed-IP-Netmask | 255.255.255.255 | := |
| 001 | someone | Mikrotik-Rate-Limit | 128k/64k | := |
+-----+----------+---------------------+-----------------+----+
in radius logs a get:
Wed Feb 10 15:29:15 2010 : Auth: Login OK: [someone/<via Auth-Type =
mschap>] (from client router port 307 cli 00:21:00:11:90:58)
but in windows I get error 778 cannot verify server identity
Can you send me a clue? What I do wrong?
P.S. I'm sorry for my English!
W dniu 2010-02-09 23:30, Nick Bright pisze:
> Greetings!
>
> I'd like to configure freeradius such that my local realm is an "open
> authentication" realm, by this I mean that I would like to return
> Access-Accept back to any Access-Request no matter what username &
> password is submitted.
>
> This seems like it should be pretty easy, but I'm just not seeing how
> to do it. I will of course continue to review the documentation after
> sending this message, but I would appreciate any tips that the mailing
> list can offer.
>
More information about the Freeradius-Users
mailing list