OpenLdap + Freeradius on centos 6.5 Not working

Vishesh kumar linuxtovishesh at gmail.com
Fri May 15 14:33:22 CEST 2015 

I think my EAP setup is faulty and Supplicant sending EAP authentication
request. Let me correct the setup first.

Thanks
Vishesh Kumar

On Fri, May 15, 2015 at 5:05 PM, Vishesh kumar <linuxtovishesh at gmail.com>
wrote:

> I am  still struggling with below errors ,
>
> WARNING: No "known good" password was found in LDAP.
> ...............................
> ....................................................
> ERROR: No authenticate method (Auth-Type) found for the request: Rejecting
> the u
>                  ser
> Failed to authenticate the user.
> Using Post-Auth-Type Reject
>   WARNING: Unknown value specified for Post-Auth-Type.  Cannot perform
> requested
>                       action.
>
>
> Below is my Default configuration Now
> +++++++++++++++++++++
> authorize {
>         preprocess
>         ldap
>         mschap
> }
> authenticate {
> Auth-Type LDAP{
>      ldap
>  }
>  mschap
>  eap
>  }
> ++++++++++++++++++++++++++++++++++++++++++
>
> Below is my inner-tunnel configuration,
> ++++++++++++++++++++++++++++++
> server inner-tunnel {
> listen {
>        ipaddr = 127.0.0.1
>        port = 18120
>        type = auth
> }
> authorize {
>         chap
>         mschap
>         suffix
>         update control {
>                Proxy-To-Realm := LOCAL
>         }
>         files
>         ldap
>         expiration
>         logintime
>         pap
> }
> authenticate {
>         Auth-Type PAP {
>                 ldap
>         }
>         Auth-Type CHAP {
>                 chap
>         }
>         Auth-Type MS-CHAP {
>                 mschap
>         }
>         unix
>         Auth-Type LDAP {
>                 ldap
>         }
>         eap
> }
> session {
>         radutmp
> }
> post-auth {
>         Post-Auth-Type REJECT {
>                 attr_filter.access_reject
>         }
> }
> +++++++++++++++++++++++++++++++++++++++++++++++++
>
> I don't know what mistake I am doing here.
>
> Thanks
> Vishesh Kumar
>
> On Fri, May 15, 2015 at 2:20 PM, Vishesh kumar <linuxtovishesh at gmail.com>
> wrote:
>
>> Thanks Alan,
>>
>> Let me configure EAP then,
>>
>> Thanks
>> Vishesh Kumar
>>
>> On Thu, May 14, 2015 at 6:34 PM, <A.L.M.Buxey at lboro.ac.uk> wrote:
>>
>>> Hi,
>>>
>>> > below are the logs I am getting in case of failure,
>>>
>>> this is an EAP packet..... therefore you need to be in the inner-tunnel
>>> before you have any visibility of the password..... so you cannot
>>> check/auth
>>> in the outer-tunnel - this is one of those cases where you will likely
>>> need
>>> to set the Auth-Type to LDAP manually (in users file or via unlang) to
>>> ensure
>>> that the process continues and the server carries on into the
>>> inner-tunnel.
>>>
>>> alan
>>> -
>>> List info/subscribe/unsubscribe? See
>>> http://www.freeradius.org/list/users.html
>>>
>>
>>
>>
>> --
>> Regards,
>> Vishesh Kumar
>> http://linuxmantra.com
>>
>
>
>
> --
> Regards,
> Vishesh Kumar
> http://linuxmantra.com
>



-- 
Regards,
Vishesh Kumar
http://linuxmantra.com

More information about the Freeradius-Users mailing list