freeRADIUS for switch authentication

Gab Quidilla gbquidilla21 at
Mon Jul 8 08:38:43 CEST 2013

Good day, I've had a freeradius + daloradius + mysql setup to be used for
the authentication of our Allied Telesis switches at our different branches.

I configured the switch to use radius authentication at Login, could
someone check whether the output if radius works on the switch? As there is
no access-accept message I received on radiusd -X

Password is MD5 encrypted, if that helps.



Ready to process requests.
rad_recv: Accounting-Request packet from host port 49154,
id=0, length=84
        User-Name = "netops"
        NAS-IP-Address =
        Called-Station-Id = ""
        Calling-Station-Id = ""
        Acct-Status-Type = Start
        Acct-Session-Id = "0500001F"
        Acct-Authentic = Local
# Executing section preacct from file /etc/raddb/sites-enabled/default
+- entering group preacct {...}
++[preprocess] returns ok
[acct_unique] WARNING: Attribute NAS-Port was not found in request, unique
ID MAY be inconsistent
[acct_unique] Hashing ',Client-IP-Address =,NAS-IP-Address =,Acct-Session-Id = "0500001F",User-Name = "netops"'
[acct_unique] Acct-Unique-Session-ID = "b320652fa80c290b".
++[acct_unique] returns ok
[suffix] No '@' in User-Name = "netops", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
++[files] returns noop
# Executing section accounting from file /etc/raddb/sites-enabled/default
+- entering group accounting {...}
[detail]        expand: %{Packet-Src-IP-Address} ->
[detail]        expand:
-> /var/log/radius/radacct/
expands to /var/log/radius/radacct/
[detail]        expand: %t -> Mon Jul  8 14:12:31 2013
++[detail] returns ok
++[unix] returns noop
[radutmp]       expand: /var/log/radius/radutmp -> /var/log/radius/radutmp
[radutmp]       expand: %{User-Name} -> netops
  rlm_radutmp: No NAS-Port seen.  Cannot do anything.
  rlm_radumtp: WARNING: checkrad will probably not work!
++[radutmp] returns noop
[sql]   expand: %{User-Name} -> netops
[sql] sql_set_user escaped user --> 'netops'
[sql]   expand: %{Acct-Delay-Time} ->
[sql]   ... expanding second conditional
[sql]   expand:            INSERT INTO radacct
(acctsessionid,    acctuniqueid,     username,
realm,            nasipaddress,     nasportid,
nasporttype,      acctstarttime,    acctstoptime,
acctsessiontime,  acctauthentic,    connectinfo_start,
connectinfo_stop, acctinputoctets,  acctoutputoctets,
calledstationid,  callingstationid, acctterminatecause,
servicetype,      framedprotocol,   framedipaddress,
acctstartdelay,   acctstopdelay,    xascendsessionsvrkey)
VALUES             ('%{Acct-Session-Id}',
'%{Acct-Unique-Session-Id}',              '%{SQL-User-Name}',
'%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}',
'%{NAS-Port-Type}', '%S', NULL,              '0', '%{Acct-Authentic}',
'%{Connect-Info}',              '', '0', '0',
'%{Called-Station-Id}', '%{Calling-Station-Id}', '',
'%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}',
rlm_sql (sql): Reserving sql socket id: 3
rlm_sql (sql): Released sql socket id: 3
++[sql] returns ok
++[exec] returns noop
[attr_filter.accounting_response]       expand: %{User-Name} -> netops
attr_filter: Matched entry DEFAULT at line 12
++[attr_filter.accounting_response] returns updated
Sending Accounting-Response of id 0 to port 49154
Finished request 0.
Cleaning up request 0 ID 0 with timestamp +72
Going to the next request
Ready to process requests.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Freeradius-Users mailing list