Problem with using MySQL for radius clients

Mik J mikydevel at yahoo.fr
Sat Nov 9 14:28:12 CET 2013 

Thank you both for your answers.
I had forgotten to specify in my first mail that I've restarted the radiusd numerous times and that my sql.conf file contains
readclients = yes
nas_table = "nas"

I've put a # in front of files because I wanted the radiusd to check the user's password only in MySQLAlan, sorry but I didn't understand what you wrote in your last sentence, about that.
And how to enable MySQL only without clients.conf ?


So I still have the problem and I don't understand what's wrong
mysql> select * from nas;
+----+----------------+-----------+-------+-------+-----------+--------+-----------+-------------------+
| id | nasname        | shortname | type  | ports | secret    | server | community | description       |
+----+----------------+-----------+-------+-------+-----------+--------+-----------+-------------------+
|  1 | 192.168.0.1   | myNAS     | other |  NULL | mysecret  | NULL   | NULL      | RADIUS Client     |

When I start the server with the -X option
rlm_sql_mysql: query:  SELECT id, nasname, shortname, type, secret, server FROM nas
rlm_sql (sql): Read entry nasname=192.168.0.1,shortname=myNAS,secret=mysecret
rlm_sql (sql): Adding client 192.168.0.1 (myNAS, server=<none>) to clients list





Le Samedi 9 novembre 2013 13h02, "A.L.M.Buxey at lboro.ac.uk" <A.L.M.Buxey at lboro.ac.uk> a écrit :
 
Hi,
>
>>    I know that by default you configure your radius clients in the file
>>    /etc/raddb/clients.conf
>
>correct
>
>>    However I would like them to be entered in MySQL
>
>thats easy. add them to the NAS table in your MySQL DB and then simply read the
>sql.conf file near the bottom and uncomment the readclients = yes line.
>
>
>>    I have modified the file /etc/raddb/sites-enabled/default and I expect the
>>    Freeradius server to check the clients in MySQL instead of clients.conf
>>    authorize {
>>    sql
>>    #files
>>    }
>
>???? no. what you've done there is enable SQL in the authorise stage...so a
>device attempting to use RADIUS will be checked against SQL. except that it wont
>because the NAS trying to talk wont be allowed to talk (and commenting out
>'files' means that the users file wont work anymore....thats what that option does!)
>
>alan
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20131109/ec27a273/attachment-0001.html>

More information about the Freeradius-Users mailing list