Need Help to Troubleshoot MySQL Auth FreeRadius 2.1.X

Prabhpal S. Mavi prabhpal at digital-infotech.net
Sat Dec 15 16:14:28 CET 2012 

Dear Freeradius Hackers,

This is new implementation. Can someone help me to troubleshoot why
freeradius mysql authentication is failing. i have cross check every
expect but still seem that something is not in place.


What is i have done:

installed Freeradius + MySQL Databases
Configured Freeradius & Created MySQL Database.
configured the following files: "sql.conf" "radiusd.conf" "default"
enabled in radiusd.conf to "$INCLUDE = sql.conf"
Radius is up and running without authentication even from localhost.
Radius database is setup properly, no problem to start/stop "radiusd"
radios_log are shown in section below.


Results:

tail -f "/var/log/radius/radius.log - Output

Sat Dec 15 11:20:34 2012 : Info: rlm_sql (sql): Driver rlm_sql_mysql
(module rlm_sql_mysql) loaded and linked
Sat Dec 15 11:20:34 2012 : Info: rlm_sql (sql): Attempting to connect to
radius at localhost:3306/radius
Sat Dec 15 11:20:34 2012 : Info: rlm_sql (sql): Attempting to connect
rlm_sql_mysql #0
Sat Dec 15 11:20:34 2012 : Info: rlm_sql_mysql: Starting connect to MySQL
server for #0
Sat Dec 15 11:20:34 2012 : Info: rlm_sql (sql): Connected new DB handle, #0
Sat Dec 15 11:20:34 2012 : Info: rlm_sql (sql): Attempting to connect
rlm_sql_mysql #1
Sat Dec 15 11:20:34 2012 : Info: rlm_sql_mysql: Starting connect to MySQL
server for #1
Sat Dec 15 11:20:34 2012 : Info: rlm_sql (sql): Connected new DB handle, #1
Sat Dec 15 11:20:34 2012 : Info: rlm_sql (sql): Attempting to connect
rlm_sql_mysql #2
Sat Dec 15 11:20:34 2012 : Info: rlm_sql_mysql: Starting connect to MySQL
server for #2
Sat Dec 15 11:20:34 2012 : Info: rlm_sql (sql): Connected new DB handle, #2
Sat Dec 15 11:20:34 2012 : Info: rlm_sql (sql): Attempting to connect
rlm_sql_mysql #3
Sat Dec 15 11:20:34 2012 : Info: rlm_sql_mysql: Starting connect to MySQL
server for #3
Sat Dec 15 11:20:34 2012 : Info: rlm_sql (sql): Connected new DB handle, #3
Sat Dec 15 11:20:34 2012 : Info: rlm_sql (sql): Attempting to connect
rlm_sql_mysql #4
Sat Dec 15 11:20:34 2012 : Info: rlm_sql_mysql: Starting connect to MySQL
server for #4
Sat Dec 15 11:20:34 2012 : Info: rlm_sql (sql): Connected new DB handle, #4
Sat Dec 15 11:20:34 2012 : Info: Loaded virtual server <default>
Sat Dec 15 11:20:34 2012 : Info: Loaded virtual server inner-tunnel
Sat Dec 15 11:20:34 2012 : Info:  ... adding new socket proxy address *
port 32959
Sat Dec 15 11:20:34 2012 : Info: Ready to process requests.

=========================================================================

Output of "radiusd -X"

 ... adding new socket proxy address * port 51412
Listening on authentication address * port 1812
Listening on accounting address * port 1813
Listening on command file /var/run/radiusd/radiusd.sock
Listening on authentication address 127.0.0.1 port 18120 as server
inner-tunnel
Listening on proxy address * port 1814
Ready to process requests.

========================================================================

Command to Check the radius Authentication:
radtest mark mypassword localhost 1812 99THi49UGotool

Output:
Sending Access-Request of id 48 to 41.171.71.61 port 1812
	User-Name = "mark"
	User-Password = "radmin"
	NAS-IP-Address = 192.168.3.106
	NAS-Port = 100
	Message-Authenticator = 0x00000000000000000000000000000000

======================================================================

Two MySQL Radius Users


PAY attention to the field "OP" (:= & ==) But auth is not working for any
user.


mysql> select * from radcheck where UserName='mark';
+----+----------+-----------+----+-----------------+
| id | UserName | Attribute | op | Value           |
+----+----------+-----------+----+-----------------+
|  3 | mark          | radmin    | := | 99THi49UGotool |
+----+----------+-----------+----+-----------------+
1 row in set (0.00 sec)

mysql> select * from radcheck where UserName='dany';
+----+----------+-----------+----+-----------------+
| id | UserName | Attribute | op | Value           |
+----+----------+-----------+----+-----------------+
|  1 | dany          | badmin     | == | 99THi49UGotool    |
+----+----------+-----------+----+-----------------+

radius is up and running without authentication "== or :="  make no
difference  none of the user can authenticate.

============================================

selinux off
freeradius is up
mysql db is up
there are two database users
why auth would be failing?

Any tip or clue would be greatly appreciated


Thanks / Regards

More information about the Freeradius-Users mailing list