Radius Squid authentication REJECT
Matthias Nagel
matthias.h.nagel at gmail.com
Thu Apr 11 11:17:52 CEST 2013
Hello,
Am Donnerstag 11 April 2013, 16:07:08 schrieb Iftakhul Anwar:
> Hi Matthias,
>
> I don't use " " on my squid_rad_auth.conf
I know, that is the reason why I asked you to check for non-printable characters AFTER your shared secret.
> No space on my scret.
And what is between the last printable character of your secret and the new line?
Matthias
> This is my squid_rad_auth.conf
>
> server 192.168.2.3
> secret testing123
>
> On my radcheck, i also using Cleartext-Password on my racheck table
>
> Any another clue ?
>
> Thanks
>
>
>
> On Thu, Apr 11, 2013 at 3:59 PM, Matthias Nagel
> <matthias.h.nagel at gmail.com>wrote:
>
> > Hello,
> >
> > did you do what the warning says and double checked the shared secret?
> >
> > As far as I see the squid_rad_auth.conf does not use quotation marks ("")
> > to delimit the shared secret. Hence, perhaps you have trailing white spaces
> > or something like that at the end of the line. Delete the line "secret" in
> > squid_rad_auth.conf and type it again. I really mean to delete it in order
> > to get rid of unprintable characters you might not see.
> >
> > Matthias
> >
> > Am Donnerstag 11 April 2013, 15:47:33 schrieb Iftakhul Anwar:
> > > Hi All,
> > >
> > >
> > > I have successfully configure freeradius with mysql. i can radtest using
> > > command :
> > >
> > > sudo radtest alice password 192.168.2.3 1812 testing123
> > > Sending Access-Request of id 187 to 192.168.2.3 port 1812
> > > User-Name = "alice"
> > > User-Password = "password"
> > > NAS-IP-Address = 127.0.1.1
> > > NAS-Port = 1812
> > > Message-Authenticator = 0x00000000000000000000000000000000
> > >
> > > rad_recv: Access-Accept packet from host 192.168.2.3 port 1812,
> > > id=187, length=20
> > >
> > > Now i try squid using radius authentication.
> > >
> > > i followed step by step from :
> > >
> > > http://safesrv.net/setup-squid-and-freeradius-on-centos-5/#comment-1043
> > >
> > > But i got error message log on cache.log
> > >
> > > Warning: Received invalid reply digest from server
> > > Warning: Received invalid reply digest from server
> > > Warning: Received invalid reply digest from server
> > > squid_rad_auth: No response from RADIUS server
> > >
> > > On radius -X debug there is error message like bellow :
> > >
> > > Sending duplicate reply to client localprivate port 42003 – ID: 2
> > > Sending Access-Reject of id 2 to 192.168.2.3 port 42003
> > > Waking up in 2.9 seconds.
> > > rad_recv: Access-Request packet from host 192.168.2.3 port 42003,
> > > id=2, length=63
> > > Sending duplicate reply to client localprivate port 42003 – ID: 2
> > > Sending Access-Reject of id 2 to 192.168.2.3 port 42003
> > > Waking up in 0.9 seconds.
> > > Found Auth-Type = PAP
> > > # Executing group from file /usr/local/etc/raddb/sites-enabled/default
> > > +- entering group PAP {…}
> > > [pap] login attempt with password “b9?I? +�(�Ч�Y�?”
> > > [pap] Using clear text password “password”
> > > [pap] Passwords don’t match
> > > ++[pap] returns reject
> > > Failed to authenticate the user.
> > > WARNING: Unprintable characters in the password. Double-check the
> > > shared secret on the server and the NAS!
> > > Using Post-Auth-Type REJECT
> > >
> > > What is that error ? How i can solve this
> > >
> > > Thanks
> > >
> > >
> > ----------------------------------------------------------------------
> > Matthias Nagel
> > Willy-Andreas-Allee 1, Zimmer 506
> > 76131 Karlsruhe
> >
> > Telefon: +49-721-8695-1506
> > Mobil: +49-151-15998774
> > e-Mail: matthias.h.nagel at gmail.com
> > ICQ: 499797758
> > Skype: nagmat84
> >
> > -
> > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
>
>
>
>
>
----------------------------------------------------------------------
Matthias Nagel
Willy-Andreas-Allee 1, Zimmer 506
76131 Karlsruhe
Telefon: +49-721-8695-1506
Mobil: +49-151-15998774
e-Mail: matthias.h.nagel at gmail.com
ICQ: 499797758
Skype: nagmat84
More information about the Freeradius-Users
mailing list