..::Huntgroup Issues::..

Carlos Eduardo Tavares Terra eduardo.terra at gmail.com
Fri Sep 3 13:18:32 CEST 2010 

Maybe the problem is here:

rad_recv: Access-Request packet from host 127.0.0.1 port 6729, id=139,
length=58
        User-Name = "steve2"
        User-Password = "testing"
*        NAS-IP-Address = 192.168.2.251*
        NAS-Port = 10



2010/9/1 Alfonso Alejandro Reyes Jiménez <conesh at gmail.com>

>  Thanks for the advice to everyone.
>
> As per your recomendation we changed the users file with the following
> line:
>
> steve2    Cleartext-Password := "testing", Huntgroup-Name == "arcsight"
>
> but we got the same result access-reject.
>
> And we got the following output:
>
> rad_recv: Access-Request packet from host 127.0.0.1 port 6729, id=139,
> length=58
>         User-Name = "steve2"
>         User-Password = "testing"
>         NAS-IP-Address = 192.168.2.251
>         NAS-Port = 10
> +- entering group authorize {...}
> ++[preprocess] returns ok
> ++[chap] returns noop
> ++[mschap] returns noop
> [suffix] No '@' in User-Name = "steve2", looking up realm NULL
> [suffix] No such realm "NULL"
> ++[suffix] returns noop
>
> [eap] No EAP-Message, not doing EAP
> ++[eap] returns noop
> ++[unix] returns notfound
> ++[files] returns noop
> ++[expiration] returns noop
> ++[logintime] returns noop
> [pap] WARNING! No "known good" password found for the user.  Authentication
> may fail because of this.
> ++[pap] returns noop
> *No authenticate method (Auth-Type) configuration found for the request:
> Rejecting the user*
> Failed to authenticate the user.
> Using Post-Auth-Type Reject
> +- entering group REJECT {...}
> [attr_filter.access_reject]     expand: %{User-Name} -> steve2
>  attr_filter: Matched entry DEFAULT at line 11
> ++[attr_filter.access_reject] returns updated
> Delaying reject of request 0 for 1 seconds
>
> Going to the next request
> Waking up in 0.9 seconds.
> Sending delayed reject for request 0
> Sending Access-Reject of id 139 to 127.0.0.1 port 6729
> Waking up in 4.9 seconds.
> Cleaning up request 0 ID 139 with timestamp +5
>
> I have a question, we remove the autentication value and the debug shows
> that it is looking for it, why is that?
>
> May be someone that has the huntgroups running can send the examples of the
> users and huntgroups files, that may help a lot.
>
> Thanks in advance.
>
> Regards
>
> Alfonso.
>
> El 24/08/2010 04:46 a.m., Alan DeKok escribió:
>
> Alfonso Alejandro Reyes Jiménez wrote:
>
>  Hi, I'm trying to use the huntgroup feature on the freeradius software
> with out luck. I think I'm missing something that's why I'm sending this
> email maybe you can help me.
>
>    You should read the debug output of the server.  The answer is in there.
>
>
>  users file at the end:
>
> alfonso  Auth-Type := Local, User-Password == "testing", Huntgroup-Name
> == "squid"
>
>    <sigh>  Don't set Auth-Type.  Use "Cleartext-Password := ...", and not
> "User-Password == ..."
>
>
>  Here's the output of the debug, it seems that it doesn't find the config
> file.
>
>    No.  It finds the DEFAULT entry earlier in the file.
>
>   Why?  This is documented.  Read the comments at the top of the "users"
> file.  Read the "man users" page.  Read the FAQ for an example of how to
> configure a test user.
>
>   Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>



-- 
Carlos Eduardo Tavares Terra
Red Hat Certified Engineer
Consultor em Administração de Redes Linux
GNU/Linux #413291 [http://counter.li.org]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20100903/7e234838/attachment.html>

More information about the Freeradius-Users mailing list