authentication-failed

Ejaz mejaz at cyberia.net.sa
Sun Apr 17 17:38:50 CEST 2016 

Hello all. 

 

1.	NAS (MDG from Motorola, do we need add addionational attributes  in
dictionary file for the Motorola MDG)
2.	Freeradius version 3.x,  oracle 11g client  (installed or Dell
PowerEdge R730 or oracle 11x86)
3.	Database  (installed or Sparc remote server)
4.	Driver rlm_sql is already installed .

 <mailto:root at ruh02saaa02:/usr/local/freeradius3/lib>
root at ruh02saaa02:/usr/local/freeradius3/lib# ls -l rlm_sql_oracle*

-rwxr-xr-x 1 root root 964808 Apr 14 14:35 rlm_sql_oracle.a

-rwxr-xr-x 1 root root     27 Apr 14 14:35  <http://rlm_sql_oracle.la/>
rlm_sql_oracle.la

-rwxr-xr-x 1 root root 775232 Apr 14 14:35 rlm_sql_oracle.so 

 
 

The Radius server is able to connect to the database as below  but the
authentication is failed.  as i am very new to freeradius any help would be
highly appreciated.. 

 

 }

Listening on auth address 127.0.0.1 port 18120 bound to server inner-tunnel

Listening on auth address * port 1812 bound to server default

Listening on acct address * port 1813 bound to server default

Listening on auth address :: port 1812 bound to server default

Listening on acct address :: port 1813 bound to server default

Listening on proxy address * port 59512

Listening on proxy address :: port 52582

Ready to process requests

(0) Received Access-Request Id 0 from  <http://10.99.10.135:54942/>
10.99.10.135:54942 to  <http://0.0.0.0:1812/> 0.0.0.0:1812 length
52

(0)   User-Name = "10.10.82.80 "

(0)   User-Password = "cisco"

(0) # Executing section authorize from file
/usr/local/freeradius3/etc/raddb/sit
es-enabled/default

(0)   authorize {

(0)     policy filter_username {

(0)       if (&User-Name) {

(0)       if (&User-Name)  -> TRUE

(0)       if (&User-Name)  {

(0)         if (&User-Name =~ / /) {

(0)         if (&User-Name =~ / /)  -> TRUE

(0)         if (&User-Name =~ / /)  {

(0)           update request {

(0)             &Module-Failure-Message += 'Rejected: User-Name contains
whitesp
ace'

(0)           } # update request = noop

(0)           [reject] = reject

(0)         } # if (&User-Name =~ / /)  = reject

(0)       } # if (&User-Name)  = reject

(0)     } # policy filter_username = reject

(0)   } # authorize = reject

(0) Using Post-Auth-Type Reject

(0) # Executing group from file
/usr/local/freeradius3/etc/raddb/sites-enabled/d
efault

(0)   Post-Auth-Type REJECT {

(0) sql: EXPAND .query

(0) sql:    --> .query

(0) sql: Using query template 'query'

rlm_sql (sql): Closing connection (0): Hit idle_timeout, was idle for 104
second
s

rlm_sql (sql): Closing connection (1): Hit idle_timeout, was idle for 104
second
s

rlm_sql (sql): Closing connection (2): Hit idle_timeout, was idle for 104
second
s

rlm_sql (sql): You probably need to lower "min"

rlm_sql (sql): Closing connection (3): Hit idle_timeout, was idle for 104
second
s

rlm_sql (sql): You probably need to lower "min"

rlm_sql (sql): Closing connection (4): Hit idle_timeout, was idle for 104
second
s

rlm_sql (sql): You probably need to lower "min"

rlm_sql (sql): 0 of 0 connections in use.  You  may need to increase "spare"

rlm_sql (sql): Opening additional connection (5), 1 of 32 pending slots used

rlm_sql (sql): Reserved connection (5)

(0) sql: EXPAND %{User-Name}

(0) sql:    --> 10.10.82.80

(0) sql: SQL-User-Name set to '10.10.82.80 '

(0) sql: EXPAND INSERT INTO radpostauth (username, pass, reply, authdate)
VALUES
( '%{SQL-User-Name}', '%{%{User-Password}:-%{Chap-Password}}',
'%{reply:Packet-
Type}', '%S')

(0) sql:    --> INSERT INTO radpostauth (username, pass, reply, authdate)
VALUES
( '10.10.82.80 ', 'cisco', 'Access-Reject', '2016-04-14 16:32:58')

(0) sql: Executing query: INSERT INTO radpostauth (username, pass, reply,
authda
te) VALUES ( '10.10.82.80 ', 'cisco', 'Access-Reject', '2016-04-14
16:32:58')

(0) sql: SQL query returned: success

(0) sql: 1 record(s) updated

rlm_sql (sql): Released connection (5)

rlm_sql (sql): Need 2 more connections to reach 10 spares

rlm_sql (sql): Opening additional connection (6), 1 of 31 pending slots used

(0)     [sql] = ok

(0) attr_filter.access_reject: EXPAND %{User-Name}

(0) attr_filter.access_reject:    --> 10.10.82.80

(0) attr_filter.access_reject: Matched entry DEFAULT at line 11

(0)     [attr_filter.access_reject] = updated

(0)     [eap] = noop

(0)     policy remove_reply_message_if_eap {

(0)       if (&reply:EAP-Message && &reply:Reply-Message) {

(0)       if (&reply:EAP-Message && &reply:Reply-Message)  -> FALSE

(0)       else {

(0)         [noop] = noop

(0)       } # else = noop

(0)     } # policy remove_reply_message_if_eap = noop

(0)   } # Post-Auth-Type REJECT = updated

(0) Delaying response for 1.000000 seconds

Waking up in 0.3 seconds.

Waking up in 0.6 seconds.

(0) Sending delayed response

(0) Sent Access-Reject Id 0 from  <http://0.0.0.0:1812/> 0.0.0.0:1812 to
<http://10.99.10.135:54942/> 10.99.10.135:54942 length 20

Waking up in 3.9 seconds.

(0) Cleaning up request packet ID 0 with timestamp +104

Ready to process requests

 

 

Thanks,

Mohammed Ejaz

Asst. Operation Director of Systems.

Cyberia SAUDI ARABIA

P.O.Box: 301079, Riyadh 11372

Phone:  (+966) 11 464 7114 Ext. 140

Mobile:  (+966) 562311787

Fax:      (+966) 11 465 4735

Website: http://www.cyberia.net.sa

More information about the Freeradius-Users mailing list