Values for MySQL tables for pptpd ?

Ali Jawad ali.jawad at splendor.net
Wed May 23 12:13:45 CEST 2012


Hi
Thanks again

I did remove Auth-Type entry from DB and error says now

rlm_sql (sql): Released sql socket id: 4
++[sql] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user.  Authentication
may fail because of this.
++[pap] returns noop
ERROR: No authenticate method (Auth-Type) found for the request: Rejecting
the user
Failed to authenticate the user.
Using Post-Auth-Type Reject
# Executing group from file /etc/raddb/sites-enabled/default
+- entering group REJECT {...}
[attr_filter.access_reject]     expand: %{User-Name} -> test
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 0 for 1 seconds

I am using a pptpd server, it has plugin radius.so plugin radattr.so
loaded. The radius client is :

rpm -qa | grep radiusclient
radiusclient-ng-utils-0.5.6-3.el5
radiusclient-ng-0.5.6-3.el5

It's radiusclient config is :

auth_order      radius
login_tries     4
login_timeout   60
nologin         /etc/nologin
issue           /etc/radiusclient/issue
authserver      localhost:1812
acctserver      localhost:1813
servers         /etc/radiusclient/servers
#dictionary      /etc/raddb/dictionary
dictionary      /usr/share/radiusclient-ng/dictionary
login_radius    /usr/sbin/login.radius
seqfile         /var/run/radius.seq
mapfile         /etc/radiusclient/port-id-map
default_realm
radius_timeout  10
radius_retries  3
login_local     /bin/login

On Wed, May 23, 2012 at 12:54 PM, Alan DeKok <aland at deployingradius.com>wrote:

> Ali Jawad wrote:
> > Thanks for your patience so far.
> >
> > I did edit include sql.conf and only edited authorize to uncomment sql
> line.
> >
> > Now I am getting the below.
> >
> > [chap] ERROR: You set 'Auth-Type = CHAP' for a request that does not
> > contain a CHAP-Password attribute!
>
>   Because you forced Auth-Type := CHAP.  Don't do that.
>
> > I did try as LOCAL and it says set CHAP, I also tried mschap
>
>   It's MUCH better to *understand* what's going on.  Trying random
> changes is terrible.
>
> > Listening on proxy address * port 1814
> > Ready to process requests.
> > rad_recv: Access-Request packet from host 127.0.0.1 port 36343, id=0,
> > length=67
> >         Service-Type = Framed-User
> >         Framed-Protocol = PPP
> >         User-Name = "test"
> >         Calling-Station-Id = "xxxxxxxx"
> >         NAS-IP-Address = 127.0.0.1
> >         NAS-Port = 0
>
>   There's no password in this request.  Use a RADIUS client that sends a
> password!
>
>  Whatever RADIUS client you're using is broken.  Don't use it.
>
>  Alan DeKok.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>



-- 
*Ali Jawad
*
*Information Systems Manager*
*Splendor Telecom (www.splendor.net)
Beirut, Lebanon
Phone: +9611373725/ext 116
FAX: +9611375554*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120523/915ce692/attachment.html>


More information about the Freeradius-Users mailing list