problem with test aaa-server in ciscoasa

studyfordo studyfordo at 163.com
Sat Nov 24 07:00:45 CET 2012


firstly, thanks  Mathew Newton and alan buxey.
I run freeradius -X  and run  test  in ciso asa5520. details as follows.
rad_recv: Access-Request packet from host 192.168.30.254 port 1025, id=72, length=61
        User-Name = "tsb"
        User-Password = "123456"
        NAS-IP-Address = 192.168.30.254
        NAS-Port = 64
        NAS-Port-Type = Virtual
# Executing section authorize from file /opt/freeadius/etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "tsb", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user.  Authentication may fail because of this.
++[pap] returns noop
ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user
Failed to authenticate the user.
Using Post-Auth-Type REJECT
# Executing group from file /opt/freeadius/etc/raddb/sites-enabled/default
+- entering group REJECT {...}
[attr_filter.access_reject]     expand: %{User-Name} -> tsb
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 1 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 1
Sending Access-Reject of id 72 to 192.168.30.254 port 1025
Waking up in 4.9 seconds.
Cleaning up request 1 ID 72 with timestamp +430
Ready to process requests.
 
I have add user such as following format
cat users | sed -n '/^[^#]/p'
 tsb            Cleartext-Password := "123456"
DEFAULT Framed-Protocol == PPP
        Framed-Protocol = PPP,
        Framed-Compression = Van-Jacobson-TCP-IP
DEFAULT Hint == "CSLIP"
        Framed-Protocol = SLIP,
        Framed-Compression = Van-Jacobson-TCP-IP
DEFAULT Hint == "SLIP"
        Framed-Protocol = SLIP

So  I still problem with user fomat in file users? pls give me some advice. thanks
 
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20121124/37d3501d/attachment.html>


More information about the Freeradius-Users mailing list