Autentification error
Tokie
tokie78 at gmail.com
Fri Mar 5 19:18:02 CET 2010
Hi,
I'm trying to connect my hotspot to freeradius with the mysql.
With the old version(1.1.7) works good!
Now I installed newer version and I copied the same configurations
in new files (radius.con, site-enabled/default, sql.conf, client.conf );
but don't works!!
Looks the debugging (freeradius -XXX), I believe that the problem is this:
> Fri Mar 5 17:05:48 2010 : Debug: rlm_pap: WARNING! No "known good"
> password found for the user. Authentication may fail because of this.
> Fri Mar 5 17:05:48 2010 : Debug: modsingle[authorize]: returned
> from pap (rlm_pap) for request 0
> Fri Mar 5 17:05:48 2010 : Debug: ++[pap] returns noop
> Fri Mar 5 17:05:48 2010 : Debug: rad_check_password: Found
> Auth-Type CHAP
> Fri Mar 5 17:05:48 2010 : Debug: auth: type "CHAP"
> Fri Mar 5 17:05:48 2010 : Debug: +- entering group CHAP
> Fri Mar 5 17:05:48 2010 : Debug: modsingle[authenticate]: calling
> chap (rlm_chap) for request 0
> Fri Mar 5 17:05:48 2010 : Debug: rlm_chap: login attempt by "user"
> with CHAP password
> Fri Mar 5 17:05:48 2010 : Debug: rlm_chap: Cleartext-Password is
> required for authentication
> Fri Mar 5 17:05:48 2010 : Debug: modsingle[authenticate]: returned
> from chap (rlm_chap) for request 0
> Fri Mar 5 17:05:48 2010 : Debug: ++[chap] returns invalid
> Fri Mar 5 17:05:48 2010 : Debug: auth: Failed to validate the user.
> Fri Mar 5 17:05:48 2010 : Auth: Login incorrect (rlm_chap: Clear text
> password not available): [user/<CHAP-Password>] (from client nas port
> 2154823689 cli 00:25:D3:XX:XX:XX)
How can I fix the problem??
This is all debugging on freeradius -XXX:
> Fri Mar 5 17:05:26 2010 : Debug: Listening on authentication address
> * port 1812
> Fri Mar 5 17:05:26 2010 : Debug: Listening on accounting address *
> port 1813
> Fri Mar 5 17:05:26 2010 : Debug: Listening on proxy address * port 1814
> Fri Mar 5 17:05:26 2010 : Debug: Ready to process requests.
> rad_recv: Access-Request packet from host 192.168.1.100 port 60079,
> id=20, length=198
> NAS-Port-Type = Ethernet
> Calling-Station-Id = "00:25:D3:XX:XX:XX"
> Called-Station-Id = "hotspot1"
> NAS-Port-Id = "wlan1"
> User-Name = "user"
> NAS-Port = 2154823689
> Acct-Session-Id = "80700009"
> Framed-IP-Address = 10.5.50.251
> Mikrotik-Host-IP = 10.5.50.251
> CHAP-Challenge = 0xc9da34f1dc7f357d5c51772d9da40e38
> CHAP-Password = 0xa1c879f954b7bd431d878d20b8fcef94ef
> Service-Type = Login-User
> WISPr-Logoff-URL = "http://10.5.50.1/logout"
> NAS-Identifier = "MikroTik"
> NAS-IP-Address = 192.168.1.100
> Fri Mar 5 17:05:48 2010 : Debug: +- entering group authorize
> Fri Mar 5 17:05:48 2010 : Debug: modsingle[authorize]: calling
> preprocess (rlm_preprocess) for request 0
> Fri Mar 5 17:05:48 2010 : Debug: modsingle[authorize]: returned
> from preprocess (rlm_preprocess) for request 0
> Fri Mar 5 17:05:48 2010 : Debug: ++[preprocess] returns ok
> Fri Mar 5 17:05:48 2010 : Debug: modsingle[authorize]: calling chap
> (rlm_chap) for request 0
> Fri Mar 5 17:05:48 2010 : Debug: rlm_chap: Setting 'Auth-Type := CHAP'
> Fri Mar 5 17:05:48 2010 : Debug: modsingle[authorize]: returned
> from chap (rlm_chap) for request 0
> Fri Mar 5 17:05:48 2010 : Debug: ++[chap] returns ok
> Fri Mar 5 17:05:48 2010 : Debug: modsingle[authorize]: calling
> mschap (rlm_mschap) for request 0
> Fri Mar 5 17:05:48 2010 : Debug: modsingle[authorize]: returned
> from mschap (rlm_mschap) for request 0
> Fri Mar 5 17:05:48 2010 : Debug: ++[mschap] returns noop
> Fri Mar 5 17:05:48 2010 : Debug: modsingle[authorize]: calling
> suffix (rlm_realm) for request 0
> Fri Mar 5 17:05:48 2010 : Debug: rlm_realm: No '@' in User-Name =
> "user", looking up realm NULL
> Fri Mar 5 17:05:48 2010 : Debug: rlm_realm: No such realm "NULL"
> Fri Mar 5 17:05:48 2010 : Debug: modsingle[authorize]: returned
> from suffix (rlm_realm) for request 0
> Fri Mar 5 17:05:48 2010 : Debug: ++[suffix] returns noop
> Fri Mar 5 17:05:48 2010 : Debug: modsingle[authorize]: calling eap
> (rlm_eap) for request 0
> Fri Mar 5 17:05:48 2010 : Debug: rlm_eap: No EAP-Message, not doing EAP
> Fri Mar 5 17:05:48 2010 : Debug: modsingle[authorize]: returned
> from eap (rlm_eap) for request 0
> Fri Mar 5 17:05:48 2010 : Debug: ++[eap] returns noop
> Fri Mar 5 17:05:48 2010 : Debug: modsingle[authorize]: calling unix
> (rlm_unix) for request 0
> Fri Mar 5 17:05:48 2010 : Debug: modsingle[authorize]: returned
> from unix (rlm_unix) for request 0
> Fri Mar 5 17:05:48 2010 : Debug: ++[unix] returns notfound
> Fri Mar 5 17:05:48 2010 : Debug: modsingle[authorize]: calling
> files (rlm_files) for request 0
> Fri Mar 5 17:05:48 2010 : Debug: modsingle[authorize]: returned
> from files (rlm_files) for request 0
> Fri Mar 5 17:05:48 2010 : Debug: ++[files] returns noop
> Fri Mar 5 17:05:48 2010 : Debug: modsingle[authorize]: calling
> expiration (rlm_expiration) for request 0
> Fri Mar 5 17:05:48 2010 : Debug: modsingle[authorize]: returned
> from expiration (rlm_expiration) for request 0
> Fri Mar 5 17:05:48 2010 : Debug: ++[expiration] returns noop
> Fri Mar 5 17:05:48 2010 : Debug: modsingle[authorize]: calling
> logintime (rlm_logintime) for request 0
> Fri Mar 5 17:05:48 2010 : Debug: modsingle[authorize]: returned
> from logintime (rlm_logintime) for request 0
> Fri Mar 5 17:05:48 2010 : Debug: ++[logintime] returns noop
> Fri Mar 5 17:05:48 2010 : Debug: modsingle[authorize]: calling pap
> (rlm_pap) for request 0
> Fri Mar 5 17:05:48 2010 : Debug: rlm_pap: WARNING! No "known good"
> password found for the user. Authentication may fail because of this.
> Fri Mar 5 17:05:48 2010 : Debug: modsingle[authorize]: returned
> from pap (rlm_pap) for request 0
> Fri Mar 5 17:05:48 2010 : Debug: ++[pap] returns noop
> Fri Mar 5 17:05:48 2010 : Debug: rad_check_password: Found
> Auth-Type CHAP
> Fri Mar 5 17:05:48 2010 : Debug: auth: type "CHAP"
> Fri Mar 5 17:05:48 2010 : Debug: +- entering group CHAP
> Fri Mar 5 17:05:48 2010 : Debug: modsingle[authenticate]: calling
> chap (rlm_chap) for request 0
> Fri Mar 5 17:05:48 2010 : Debug: rlm_chap: login attempt by "user"
> with CHAP password
> Fri Mar 5 17:05:48 2010 : Debug: rlm_chap: Cleartext-Password is
> required for authentication
> Fri Mar 5 17:05:48 2010 : Debug: modsingle[authenticate]: returned
> from chap (rlm_chap) for request 0
> Fri Mar 5 17:05:48 2010 : Debug: ++[chap] returns invalid
> Fri Mar 5 17:05:48 2010 : Debug: auth: Failed to validate the user.
> Fri Mar 5 17:05:48 2010 : Auth: Login incorrect (rlm_chap: Clear text
> password not available): [user/<CHAP-Password>] (from client nas port
> 2154823689 cli 00:25:D3:XX:XX:XX)
> Fri Mar 5 17:05:48 2010 : Debug: Found Post-Auth-Type Reject
> Fri Mar 5 17:05:48 2010 : Debug: +- entering group REJECT
> Fri Mar 5 17:05:48 2010 : Debug: modsingle[post-auth]: calling
> attr_filter.access_reject (rlm_attr_filter) for request 0
> Fri Mar 5 17:05:48 2010 : Debug: expand: %{User-Name} -> user
> Fri Mar 5 17:05:48 2010 : Debug: attr_filter: Matched entry DEFAULT
> at line 11
> Fri Mar 5 17:05:48 2010 : Debug: modsingle[post-auth]: returned
> from attr_filter.access_reject (rlm_attr_filter) for request 0
> Fri Mar 5 17:05:48 2010 : Debug: ++[attr_filter.access_reject]
> returns updated
> Fri Mar 5 17:05:48 2010 : Debug: Delaying reject of request 0 for 1
> seconds
> Fri Mar 5 17:05:48 2010 : Debug: Going to the next request
> Fri Mar 5 17:05:48 2010 : Debug: Waking up in 0.9 seconds.
> rad_recv: Access-Request packet from host 192.168.1.100 port 60079,
> id=20, length=198
> Fri Mar 5 17:05:49 2010 : Debug: Waiting to send Access-Reject to
> client nas port 60079 - ID: 20
> Fri Mar 5 17:05:49 2010 : Debug: Waking up in 0.6 seconds.
> rad_recv: Access-Request packet from host 192.168.1.100 port 60079,
> id=20, length=198
> Fri Mar 5 17:05:49 2010 : Debug: Waiting to send Access-Reject to
> client nas port 60079 - ID: 20
> Fri Mar 5 17:05:49 2010 : Debug: Waking up in 0.3 seconds.
> Fri Mar 5 17:05:49 2010 : Debug: Sending delayed reject for request 0
> Sending Access-Reject of id 20 to 192.168.1.100 port 60079
> Fri Mar 5 17:05:49 2010 : Debug: Waking up in 4.9 seconds.
> Fri Mar 5 17:05:54 2010 : Debug: Cleaning up request 0 ID 20 with
> timestamp +22
> Fri Mar 5 17:05:54 2010 : Debug: Ready to process requests.
Thanks a lot!!
Bye
Tokie
More information about the Freeradius-Users
mailing list