Mikrotik DHCP and "auth-type := accept"

Osvaldo T Crispim Filho osvaldotcf at gmail.com
Mon Apr 27 19:25:31 CEST 2015


On radcheck

id    username    attribute    op    value

9664    DC:FF:BB:66:BE:9E    MD5-Password    :=
54a56092489fa15032cf0a709032c184
9665    DC:FF:BB:66:BE:9E    Auth-Type    :=    Accept
5876    DC:FF:BB:66:BE:9E    Calling-Station-Id    =~    DC:FF:BB:66:BE:9E


Freeradius Log

rad_recv: Access-Request packet from host 192.168.254.2 port 58450, id=134,
length=116
        NAS-Port-Type = Ethernet
        NAS-Port = 2202226454
        Calling-Station-Id = "1:dc:ff:bb:66:be:9e"
        Called-Station-Id = "serverT1"
        User-Name = "DC:FF:BB:66:BE:9E"
        User-Password = ""
        NAS-Identifier = "rb-ssa01"
        NAS-IP-Address = 192.168.254.2
Sun Apr 26 22:50:42 2015 : Info: # Executing section authorize from file
/etc/freeradius/sites-enabled/default
Sun Apr 26 22:50:42 2015 : Info: +- entering group authorize {...}
Sun Apr 26 22:50:42 2015 : Info: ++[preprocess] returns ok
Sun Apr 26 22:50:42 2015 : Info: ++[chap] returns noop
Sun Apr 26 22:50:42 2015 : Info: ++[mschap] returns noop
Sun Apr 26 22:50:42 2015 : Info: ++[digest] returns noop
Sun Apr 26 22:50:42 2015 : Info: [suffix] No '@' in User-Name =
"DC:FF:BB:66:BE:9E", looking up realm NULL
Sun Apr 26 22:50:42 2015 : Info: [suffix] No such realm "NULL"
Sun Apr 26 22:50:42 2015 : Info: ++[suffix] returns noop
Sun Apr 26 22:50:42 2015 : Info: [eap] No EAP-Message, not doing EAP
Sun Apr 26 22:50:42 2015 : Info: ++[eap] returns noop
Sun Apr 26 22:50:42 2015 : Info: ++[files] returns noop
Sun Apr 26 22:50:42 2015 : Info: [sql]  expand: %{User-Name} ->
DC:FF:BB:66:BE:9E
Sun Apr 26 22:50:42 2015 : Info: [sql] sql_set_user escaped user -->
'DC:FF:BB:66:BE:9E'
Sun Apr 26 22:50:42 2015 : Debug: rlm_sql (sql): Reserving sql socket id: 4
Sun Apr 26 22:50:42 2015 : Info: [sql]  expand: SELECT id, UserName,
Attribute, Value, Op   FROM radcheck   WHERE Username =
'%{SQL-User-Name}'   ORDER BY id -> SELECT id, UserName, Attribute$
Sun Apr 26 22:50:42 2015 : Debug: rlm_sql_postgresql: Status:
PGRES_TUPLES_OK
Sun Apr 26 22:50:42 2015 : Debug: rlm_sql_postgresql: query affected rows =
3 , fields = 5
Sun Apr 26 22:50:42 2015 : Info: [sql]  expand: %{Calling-Station-Id} ->
1:dc:FF:BB:66:be:9e
Sun Apr 26 22:50:42 2015 : Info: [sql]  expand: SELECT GroupName FROM
radusergroup WHERE UserName='%{SQL-User-Name}' ORDER BY priority -> SELECT
GroupName FROM radusergroup WHERE UserName='DC$
Sun Apr 26 22:50:42 2015 : Debug: rlm_sql_postgresql: Status:
PGRES_TUPLES_OK
Sun Apr 26 22:50:42 2015 : Debug: rlm_sql_postgresql: query affected rows =
2 , fields = 1
Sun Apr 26 22:50:42 2015 : Info: [sql]  expand: SELECT id, GroupName,
Attribute, Value, op   FROM radgroupcheck   WHERE GroupName =
'%{Sql-Group}'   ORDER BY id -> SELECT id, GroupName, Attri$
Sun Apr 26 22:50:42 2015 : Debug: rlm_sql_postgresql: Status:
PGRES_TUPLES_OK
Sun Apr 26 22:50:42 2015 : Debug: rlm_sql_postgresql: query affected rows =
1 , fields = 5
Sun Apr 26 22:50:42 2015 : Info: [sql] User found in group hs_ssa1
Sun Apr 26 22:50:42 2015 : Info: [sql]  expand: SELECT id, GroupName,
Attribute, Value, op   FROM radgroupreply   WHERE GroupName =
'%{Sql-Group}'   ORDER BY id -> SELECT id, GroupName, Attri$
Sun Apr 26 22:50:42 2015 : Debug: rlm_sql_postgresql: Status:
PGRES_TUPLES_OK
Sun Apr 26 22:50:42 2015 : Debug: rlm_sql_postgresql: query affected rows =
1 , fields = 5
Sun Apr 26 22:50:42 2015 : Info: [sql]  expand: SELECT id, GroupName,
Attribute, Value, op   FROM radgroupcheck   WHERE GroupName =
'%{Sql-Group}'   ORDER BY id -> SELECT id, GroupName, Attri$
Sun Apr 26 22:50:42 2015 : Debug: rlm_sql_postgresql: Status:
PGRES_TUPLES_OK
Sun Apr 26 22:50:42 2015 : Debug: rlm_sql_postgresql: query affected rows =
0 , fields = 5
Sun Apr 26 22:50:42 2015 : Info: [sql] User found in group Conectado2
Sun Apr 26 22:50:42 2015 : Info: [sql]  expand: SELECT id, GroupName,
Attribute, Value, op   FROM radgroupreply   WHERE GroupName =
'%{Sql-Group}'   ORDER BY id -> SELECT id, GroupName, Attri$
Sun Apr 26 22:50:42 2015 : Debug: rlm_sql_postgresql: Status:
PGRES_TUPLES_OK
Sun Apr 26 22:50:42 2015 : Debug: rlm_sql_postgresql: query affected rows =
1 , fields = 5
Sun Apr 26 22:50:42 2015 : Debug: rlm_sql (sql): Released sql socket id: 4
Sun Apr 26 22:50:42 2015 : Info: ++[sql] returns ok
Sun Apr 26 22:50:42 2015 : Info: ++[expiration] returns noop
Sun Apr 26 22:50:42 2015 : Info: ++[logintime] returns noop
Sun Apr 26 22:50:42 2015 : Info: [pap] WARNING! No "known good" password
found for the user.  Authentication may fail because of this.
Sun Apr 26 22:50:42 2015 : Info: ++[pap] returns noop
*Sun Apr 26 22:50:42 2015 : Info: ERROR: No authenticate method (Auth-Type)
found for the request: Rejecting the user*
Sun Apr 26 22:50:42 2015 : Info: Failed to authenticate the user.
Sun Apr 26 22:50:42 2015 :* Info: Using Post-Auth-Type Reject*
Sun Apr 26 22:50:42 2015 : Info: # Executing group from file
/etc/freeradius/sites-enabled/default
Sun Apr 26 22:50:42 2015 : Info: +- entering group REJECT {...}
Sun Apr 26 22:50:42 2015 : Info: [sql]  expand: %{User-Name} ->
DC:FF:BB:66:BE:9E
Sun Apr 26 22:50:42 2015 : Info: [sql] sql_set_user escaped user -->
'DC:FF:BB:66:BE:9E'
Sun Apr 26 22:50:42 2015 : Info: [sql]  expand: %{User-Password} ->
Sun Apr 26 22:50:42 2015 : Info: [sql]  ... expanding second conditional
Sun Apr 26 22:50:42 2015 : Info: [sql]  expand: INSERT INTO radpostauth
(username, pass, reply, authdate)   VALUES ('%{User-Name}',
'%{%{User-Password}:-Chap-Password}', '%{reply:Packet-Type}$
Sun Apr 26 22:50:42 2015 : Debug: rlm_sql (sql) in sql_postauth: query is
INSERT INTO radpostauth (username, pass, reply, authdate)   *VALUES
('DC:FF:BB:66:BE:9E', 'Chap-Password', 'Access-Rej$*          << Why
Chap-Password here? >>
Sun Apr 26 22:50:42 2015 : Debug: rlm_sql (sql): Reserving sql socket id: 3
Sun Apr 26 22:50:42 2015 : Debug: rlm_sql_postgresql: Status:
PGRES_COMMAND_OK
Sun Apr 26 22:50:42 2015 : Debug: rlm_sql_postgresql: query affected rows =
1
Sun Apr 26 22:50:42 2015 : Debug: rlm_sql (sql): Released sql socket id: 3
Sun Apr 26 22:50:42 2015 : Info: ++[sql] returns ok
Sun Apr 26 22:50:42 2015 : Info: [attr_filter.access_reject]    expand:
%{User-Name} -> DC:FF:BB:66:BE:9E
Sun Apr 26 22:50:42 2015 : Debug:  attr_filter: Matched entry DEFAULT at
line 11
Sun Apr 26 22:50:42 2015 : Info: ++[attr_filter.access_reject] returns
updated
Sun Apr 26 22:50:42 2015 : Info: Delaying reject of request 2 for 1 seconds
Sun Apr 26 22:50:42 2015 : Debug: Going to the next request





2015-04-27 13:35 GMT-03:00 Alan DeKok <aland at deployingradius.com>:

> On Apr 27, 2015, at 12:16 PM, Osvaldo T Crispim Filho <
> osvaldotcf at gmail.com> wrote:
> > I want to use DHCP Server of Mikrotik with rlm_sqlippool.
> > DHCP Server on Mikrotik do not send password.
> > I want to use "auth-type := Accept" withou password
>
>   That should work.
>
> > I receve this on log:
> > Info: ERROR: No authenticate method (Auth-Type) found for the request:
> > Rejecting the user
> >
> > How can i do that?
>
>   Set Auth-Type := Accept for the user.
>
>   What does the debug log show?
>
>   Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html




-- 
             - Osvaldo T Crispim Filho -


More information about the Freeradius-Users mailing list