Help needed configuring MAB on FreeRADIUS and Cisco switch

Kaya Saman kayasaman at gmail.com
Tue Jul 17 10:54:57 CEST 2012 

Hi Alan,

sorry for the mishaps yesterday......

On Mon, Jul 16, 2012 at 4:20 PM, alan buxey <A.L.M.Buxey at lboro.ac.uk> wrote:
[...]
>
>> By placing the entry you suggested at the top of the /etc/raddb/users
>> file and restarting the server I got this:
>
> well, no you didnt...or rather, if you did stick that in the users file
> then its certainly not the users file that the server is reading. you are editing
> the live server config and not some extracted archive file?
>


Let's just try to focus on this issue and get a basic system up and
running before continuing on - as that is inevitably what you were
trying to do :-)


Ok so first let's get back to real basics and check where we are in
the file system:


# cd /etc/raddb

# ls
acct_users                 clients.conf  policy.conf      sql
attrs                      dictionary    policy.txt       sql.conf
attrs.access_challenge     eap.conf      preproxy_users   sqlippool.conf
attrs.access_reject        example.pl    proxy.conf       templates.conf
attrs.accounting_response  hints         radiusd.conf     users
attrs.pre-proxy            huntgroups    sites-available
certs                      modules       sites-enabled

# cat users | more
 0015c5537baa Cleartext-Password := "0015c5537baa"
          Tunnel-Type:0 = VLAN,
          Tunnel-Medium-Type:0 = IEEE-802,
          Tunnel-Private-Group-Id:0 = "3",
          Tunnel-Preference = 0x000000

#
#	Please read the documentation file ../doc/processing_users_file,
#	or 'man 5 users' (after installing the server) for more information.
#
#	This file contains authentication security and configuration
#	information for each user.  Accounting requests are NOT processed
#	through this file.  Instead, see 'acct_users', in this directory.
#
#	The first field is the user's name and can be up to
#	253 characters in length.  This is followed (on the same line) with
#	the list of authentication requirements for that user.  This can
#	include password, comm server name, comm server port number, protocol
#	type (perhaps set by the "hints" file), and huntgroup name (set by


I have additionally attached the full file just incase!


Let's see in the file system if there are any other files called users
which maybe the 'source' of the Radius service:


# find / -name users
/usr/bin/users
/etc/selinux/targeted/contexts/users
/etc/raddb/users
/var/www/daloradius/contrib/configs/freeradius-1.1.7/cfg1/freeradius/users


Will disabling SElinux help, could that be blocking things as it
usually does with TFTP???


Regards,


Kaya
-------------- next part --------------
A non-text attachment was scrubbed...
Name: users
Type: application/octet-stream
Size: 6732 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120717/e9511277/attachment-0001.obj>

More information about the Freeradius-Users mailing list