Radius and MYSQL

Alexandre Vilarinho vilarinhomail-dev at yahoo.com.br
Tue Sep 8 17:15:59 CEST 2015


Alan thanx for the reply.
I've read the documentation, but is not clear for me.
For example:
in the Radacct database there is no configuration.
in the radchack database i've added the following configuration:
    username - rafael
    attribute - Cleartext-Password
    op - :=
    value - teste

I think that is this case, I configuring a user and specifying the password right?
In the radgroupcheck database i've added the following configuration:
    1st row    groupname - privilegio_15
    Attribute - Service-Type
    op = Nas-Prompt-User

    2nd row
    groupname - privilegio_15
    Attribute - Cisco_AVPair
    op = shell:priv-lvl=15

In the radgroupreply database there is no configuration
in the radpostauth database there is no configuration
in the radrepy database    1st row
    username - rafael
    attribute - Fall-Through
    op - =
    Value - Yes

in the radusergrupo database    username - rafael
    groupname - privilegio_15
    priority - 1

in the radusergroup database there is no option to delete, edit or any thing. Is this correct?
with this configuration added I tried to authenticate the radius user:
Follow the command and the reply
root at Radius-LDAP-Server:~# /etc/init.d/freeradius stop * Stopping FreeRADIUS daemon freeradius                                         * /var/run/freeradius/freeradius.pid not found...                       [ OK ] root at Radius-LDAP-Server:~# /etc/init.d/freeradius start * Starting FreeRADIUS daemon freeradius                                 [ OK ] 
root at Radius-LDAP-Server:~# radtest rafael teste localhost 1812 testing123
Sending Access-Request of id 190 to 127.0.0.1 port 1812 User-Name = "rafael" User-Password = "teste" NAS-IP-Address = 127.0.1.1 NAS-Port = 1812 Message-Authenticator = 0x00000000000000000000000000000000rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=190, length=20
root at Radius-LDAP-Server:~# 
There authentication failed. I presume there is something wrong this my configuration.
Can you help me and explain what i'm doing wrong?
Regards
Alex
 


     Em Terça-feira, 8 de Setembro de 2015 11:46, Alan DeKok <aland at deployingradius.com> escreveu:
   

 On Sep 8, 2015, at 10:25 AM, Alexandre Vilarinho <vilarinhomail-dev at yahoo.com.br> wrote:
> I'm new at Radius and I'm trying do configure Radius do authenticate the user from MYSQL databank.
> I configured the user in the user configuration file and it is working correctly, follow the configuration of the user.
> teste1  Cleartext-Password := "teste"        Service-Type = NAS-Prompt-User,        Cisco-AVPair = "shell:priv-lvl=1",        Cisco-AVPair = "shell:cmd=show",        Cisco-AVPair = "shell:cmd=show privilege"
> For this user I would like to configure a group in MYSQL called Privilege Level 1 and add it to that group.
> The Privilege Level 1 group should have the following configuration:
>        Service-Type = NAS-Prompt-User,        Cisco-AVPair = "shell:priv-lvl=1",        Cisco-AVPair = "shell:cmd=show",        Cisco-AVPair = "shell:cmd=show privilege"
> The user should have have the following configuration:
> teste1  Cleartext-Password := "teste" 

  See:

http://wiki.freeradius.org/modules/Rlm_sql

  for instructions on how the SQL module works.

> I've already installed MYSQL database and it is also integrated with Radius. I've followed the following explanation webpage tutorial - guide/SQL HOWTO
> I think that mysql databank and databases are correct and integrated with Radius.
> I didn't find any tutorial for beginners that explain step-by-step what should be done to configure the user group and the user.
> Can anyone explain to me how I can configure the user and the group?

  This is all documented in the wiki.

  Just put data into the correct fields in SQL, and it will work.

  Alan DeKok.


  


More information about the Freeradius-Users mailing list