Where is PAP problem

Fajar A. Nugraha list at fajar.net
Mon Sep 7 12:02:09 CEST 2015

On Mon, Sep 7, 2015 at 3:44 PM, Tevfik Ceydeliler
<tevfik.ceydeliler at astron.yasar.com.tr> wrote:
> Actually not.
> Because NAS-IP-Address !=
> !:=  As a check item, matches if the given attribute is in the request, AND
> does not have the given value.

Exactly. Your debug log says
rad_recv: Access-Request packet from host port 24348,
id=217, length=138
    NAS-IP-Address =

which means it fits the criteria above, thus Auth-Type is set to Reject

> Anyway. I found the error. Security person gives me wrong interfce IP
> address. When I change IP address  it works.

Which is what I wrote above.

And (depending on how you want your setup to behave) you also won't
get Auth-Type Reject if you remove the check item row entirely.


More information about the Freeradius-Users mailing list