Problem with realms
Bill Larson
blarson at compu.net
Thu Jul 8 12:02:28 CEST 2010
I am sure the solution to my problem is simple however I can't figure
it out.
This is my user
blarson Auth-Type := Local, Cleartext-Password == "testing"
Service-Type = Framed-User,
Session-Timeout = 18000,
Framed-Protocol = PPP,
Framed-IP-Address = 255.255.255.254,
Framed-IP-Netmask = 255.255.255.255,
Framed-Routing = None,
Framed-MTU = 1006,
Idle-Timeout = 1200,
Ascend-Idle-Limit = 1200,
Framed-Compression = Van-Jacobsen-TCP-IP,
Port-Limit = 1,
Slipstream-Auth = "true",
Ascend-Maximum-Channels = "1"
This is my realm
realm compu.net {
type = radius
authhost = LOCAL
accthost = LOCAL
}
This is the debug
Listening on authentication address * port 1812
Listening on accounting address * port 1813
Listening on proxy address * port 1814
Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1 port 40159, id=207,
length=69
User-Name = "blarson at compu.net"
User-Password = "testing"
NAS-IP-Address = 216.248.35.2
NAS-Port = 0
+- entering group authorize
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
rlm_realm: Looking up realm "compu.net" for User-Name =
"blarson at compu.net"
rlm_realm: Found realm "compu.net"
rlm_realm: Adding Stripped-User-Name = "blarson"
rlm_realm: Adding Realm = "compu.net"
rlm_realm: Authentication realm is LOCAL.
++[suffix] returns noop
rlm_eap: No EAP-Message, not doing EAP
++[eap] returns noop
++[unix] returns updated
users: Matched entry DEFAULT at line 17394
users: Matched entry DEFAULT at line 17457
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
rlm_pap: Found existing Auth-Type, not changing it.
++[pap] returns noop
rad_check_password: Found Auth-Type REJECT
rad_check_password: Auth-Type = Reject, rejecting user
auth: Failed to validate the user.
Login incorrect: [blarson at compu.net/testing] (from client localhost port 0)
Found Post-Auth-Type Reject
+- entering group REJECT
expand: %{User-Name} -> blarson at compu.net
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 0 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 0
Sending Access-Reject of id 207 to 127.0.0.1 port 40159
Reply-Message = "Invalid or unauthorized account"
Waking up in 4.9 seconds.
Cleaning up request 0 ID 207 with timestamp +3
Ready to process requests.
As you can see it's not stripping the realm before checking in the users
file. So the user is not matched in the users file. What have I done
wrong?
Questions, suggestions, and fixes welcome
More information about the Freeradius-Users
mailing list