right tutorial
Javier Escalante
Javier.Escalante at bwireless.eu
Tue Jun 26 00:24:58 CEST 2018
Hwllo,
You mean this;
radcheck table:
joeuser Cleartext-Password := somepassword
radreply table:
joeuser Fall-Through = Yes
https://wiki.freeradius.org/modules/Rlm_sql#sql-schema-and-usage_radreply-table
If so, I added the following line in radreply:
Full texts id username attribute op value
Edit Edit Copy Copy Delete Delete 6 fredf Fall-Through :=
The result is the same...
Is there any doc. Where there is more info about radreply? Anyway, as commented, in my current verion, it is not used.
BR
Javier Escalante
Business Development Manager
Javier.escalante at bwireless.eu
00 34 626 785 675
00 34 93 141 56 36
00 41 78 689 85 69
Skype: fruiz002
Do you know our IoT solutions? Have a look here: www.bsmart.global
http://www.bwireless.eu
Le informamos que, de conformidad con la Ley Orgánica 15/1999, de 13 de diciembre, de Protección de Datos de Carácter Personal, se informa que todos los datos personales que nos ha facilitado serán incorporados y tratados en los ficheros de B’W & TAKACS TELECOM, S.L. para las finalidades de su e-mail.
Puede ejercer sus derechos de acceso, rectificación, cancelación y oposición mediante una comunicación a B’W & TAKACS TELECOM, S.L. con domicilio en Camil Oliveras, 26, 08032 Barcelona (España), o bien mediante una comunicación a la dirección de correo electrónico info at bwireless.eu. En ambos casos, deberá acompañar una copia de su documento nacional de identidad o documento válido que lo identifique.
-----Original Message-----
From: Freeradius-Users [mailto:freeradius-users-bounces+javier.escalante=bwireless.eu at lists.freeradius.org] On Behalf Of Alan Buxey
Sent: martes, 26 de junio de 2018 0:01
To: FreeRadius users mailing list
Subject: Re: right tutorial
read SQL FR docs to see what the radreply table does - use of fall-through etc.
your error is because it is trying to do a group check. you havent got any group info - your choice how to fix
alan
On 25 June 2018 at 22:58, Javier Escalante <Javier.Escalante at bwireless.eu>
wrote:
> Hello,
>
> What means "set to no", commented? What do you mean when you say:
> "you might want to put relevant things int he radreply table."
>
>
> Thanks
>
> BR
> Javier Escalante
> Business Development Manager
> Javier.escalante at bwireless.eu
> 00 34 626 785 675
> 00 34 93 141 56 36
> 00 41 78 689 85 69
> Skype: fruiz002
> Do you know our IoT solutions? Have a look here: www.bsmart.global
> http://www.bwireless.eu Le informamos que, de conformidad con la Ley
> Orgánica 15/1999, de 13 de diciembre, de Protección de Datos de
> Carácter Personal, se informa que todos los datos personales que nos
> ha facilitado serán incorporados y tratados en los ficheros de B’W &
> TAKACS TELECOM, S.L. para las finalidades de su e-mail.
> Puede ejercer sus derechos de acceso, rectificación, cancelación y
> oposición mediante una comunicación a B’W & TAKACS TELECOM, S.L. con
> domicilio en Camil Oliveras, 26, 08032 Barcelona (España), o bien
> mediante una comunicación a la dirección de correo electrónico info at bwireless.eu.
> En ambos casos, deberá acompañar una copia de su documento nacional
> de identidad o documento válido que lo identifique.
>
>
> -----Original Message-----
> From: Freeradius-Users
> [mailto:freeradius-users-bounces+javier.escalante=
> bwireless.eu at lists.freeradius.org] On Behalf Of Alan Buxey
> Sent: lunes, 25 de junio de 2018 18:22
> To: FreeRadius users mailing list
> Subject: Re: right tutorial
>
> hi,
>
> check your config (sql config) to ensure you are not using the group
> check stuff if you dont want groups and havent defined groups
>
> # Tables containing 'check' items
> authcheck_table = "radcheck"
> groupcheck_table = "radgroupcheck"
>
> # Tables containing 'reply' items
> authreply_table = "radreply"
> groupreply_table = "radgroupreply"
>
> # Table to keep group info
> usergroup_table = "radusergroup"
>
> # If set to 'yes' (default) we read the group tables unless
> Fall-Through = no in the reply table.
> # If set to 'no' we do not read the group tables unless Fall-Through =
> yes in the reply table.
> # read_groups = yes
>
> see? its a check item by default...and if you dont have a response, its a
> fail. you might want to put relevant things int he radreply table.
>
> alan
>
>
> On 24 June 2018 at 14:57, Javier Escalante
> <Javier.Escalante at bwireless.eu>
> wrote:
>
> > Hello,
> >
> > Sorry guys, based on the answers of Alan, I might be stupid...I'll
> > explain another time and I hope this time I get some help:
> >
> > 1. I installed a fresh server (I have my all server already
> > configured and working since 4 years) 2. I installed freeradius 3.0.16 and mysql.
> > No errors during installation 3. I tested with user and password in
> > file, and it worked perfectly 4. I tested by putting the user test
> > with password test in radcheck and the authentication failed as it
> > is shown further down.
> > 5. I have searched in all kind of forums and obviously also in
> > www.freeradius.org. No solution yet.
> > 6. The sql seems to be working despite the include line is not
> > uncommented in radiusd.conf. Can somebody confirm?
> >
> > Can anybody give me a clue of how to solve this problem?
> >
> > Request:
> >
> > radtest test test localhost 10 1107
> >
> > Freeradius debug output:
> >
> > Ready to process requests
> > (0) Received Access-Request Id 195 from 127.0.0.1:37474 to
> > 127.0.0.1:1812 length
> > 74
> > (0) User-Name = "test"
> > (0) User-Password = "test"
> > (0) NAS-IP-Address = 5.135.246.127
> > (0) NAS-Port = 10
> > (0) Message-Authenticator = 0x05270c450007175556849d0b38cc7a27
> > (0) # Executing section authorize from file
> > /etc/freeradius/3.0/sites-enabled/de
> >
> > fault
> > (0) authorize {
> > (0) [preprocess] = ok
> > (0) [chap] = noop
> > (0) [mschap] = noop
> > (0) [digest] = noop
> > (0) suffix: Checking for suffix after "@"
> > (0) suffix: No '@' in User-Name = "test", looking up realm NULL
> > (0) suffix: No such realm "NULL"
> > (0) [suffix] = noop
> > (0) eap: No EAP-Message, not doing EAP
> > (0) [eap] = noop
> > (0) [files] = noop
> > (0) sql: EXPAND %{User-Name}
> > (0) sql: --> test
> > (0) sql: SQL-User-Name set to 'test'
> > rlm_sql (sql): Reserved connection (0)
> > (0) sql: EXPAND SELECT id, username, attribute, value, op FROM
> > radcheck WHERE us
> > ername = '%{SQL-User-Name}' ORDER BY id
> > (0) sql: --> SELECT id, username, attribute, value, op FROM radcheck
> > WHERE us
> > ername = 'test' ORDER BY id
> > (0) sql: Executing select query: SELECT id, username, attribute,
> > value, op FROM
> > radcheck WHERE username = 'test' ORDER BY id
> > (0) sql: EXPAND SELECT groupname FROM radusergroup WHERE username =
> > '%{SQL-User-
> > Name}' ORDER BY priority
> > (0) sql: --> SELECT groupname FROM radusergroup WHERE username =
> 'test'
> > ORDER
> > BY priority
> > (0) sql: Executing select query: SELECT groupname FROM radusergroup
> > WHERE userna
> > me = 'test' ORDER BY priority
> > (0) sql: User not found in any groups rlm_sql (sql): Released
> > connection (0) Need 5 more connections to reach 10 spares rlm_sql
> > (sql): Opening additional connection (5), 1 of
> > 27 pending slots used
> > (0) [sql] = notfound
> > (0) [expiration] = noop
> > (0) [logintime] = noop
> > (0) pap: WARNING: No "known good" password found for the user. Not
> > setting Auth
> > -Type
> > (0) pap: WARNING: Authentication will fail unless a "known good"
> > password is ava
> > ilable
> > (0) [pap] = noop
> > (0) } # authorize = ok
> > (0) ERROR: No Auth-Type found: rejecting the user via Post-Auth-Type
> > = Reject
> > (0) Failed to authenticate the user
> > (0) Using Post-Auth-Type Reject
> > (0) # Executing group from file /etc/freeradius/3.0/sites-
> enabled/default
> > (0) Post-Auth-Type REJECT {
> > (0) sql: EXPAND .query
> > (0) sql: --> .query
> > (0) sql: Using query template 'query'
> > rlm_sql (sql): Reserved connection (1)
> > (0) sql: EXPAND %{User-Name}
> > (0) sql: --> test
> > (0) sql: SQL-User-Name set to 'test'
> > (0) sql: EXPAND INSERT INTO radpostauth (username, pass, reply,
> > authdate) VALUES
> > ( '%{SQL-User-Name}',
> > '%{%{User-Password}:-%{Chap-Password}}',
> > '%{reply:Packet-
> > Type}', '%S')
> > (0) sql: --> INSERT INTO radpostauth (username, pass, reply, authdate)
> > VALUES
> > ( 'test', 'test', 'Access-Reject', '2018-06-24
> > 13:55:21')
> > (0) sql: Executing query: INSERT INTO radpostauth (username, pass,
> > reply, authda
> > te) VALUES ( 'test', 'test', 'Access-Reject',
> > '2018-06-24
> > 13:55:21')
> > (0) sql: SQL query returned: success
> > (0) sql: 1 record(s) updated
> > rlm_sql (sql): Released connection (1)
> > (0) [sql] = ok
> > (0) attr_filter.access_reject: EXPAND %{User-Name}
> > (0) attr_filter.access_reject: --> test
> > (0) attr_filter.access_reject: Matched entry DEFAULT at line 11
> > (0) [attr_filter.access_reject] = updated
> > (0) [eap] = noop
> > (0) policy remove_reply_message_if_eap {
> > (0) if (&reply:EAP-Message && &reply:Reply-Message) {
> > (0) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE
> > (0) else {
> > (0) [noop] = noop
> > (0) } # else = noop
> > (0) } # policy remove_reply_message_if_eap = noop
> > (0) } # Post-Auth-Type REJECT = updated
> > (0) Delaying response for 1.000000 seconds Waking up in 0.3 seconds.
> > Waking up in 0.6 seconds.
> > (0) Sending delayed response
> > (0) Sent Access-Reject Id 195 from 127.0.0.1:1812 to 127.0.0.1:37474
> > length 20 Waking up in 3.9 seconds.
> > (0) Cleaning up request packet ID 195 with timestamp +2 Ready to
> > process requests
> >
> > Thanks in advance
> >
> >
> > BR
> >
> >
> >
> >
> > Javier Escalante
> > Business Development Manager
> > Javier.escalante at bwireless.eu
> > 00 34 626 785 675
> > 00 34 93 141 56 36
> > 00 41 78 689 85 69
> > Skype: fruiz002
> > Do you know our IoT solutions? Have a look here: www.bsmart.global
> > http://www.bwireless.eu Le informamos que, de conformidad con la Ley
> > Orgánica 15/1999, de 13 de diciembre, de Protección de Datos de
> > Carácter Personal, se informa que todos los datos personales que
> > nos ha facilitado serán incorporados y tratados en los ficheros de
> > B’W & TAKACS TELECOM, S.L. para las finalidades de su e-mail.
> > Puede ejercer sus derechos de acceso, rectificación, cancelación y
> > oposición mediante una comunicación a B’W & TAKACS TELECOM, S.L. con
> > domicilio en Camil Oliveras, 26, 08032 Barcelona (España), o bien
> > mediante una comunicación a la dirección de correo electrónico
> info at bwireless.eu.
> > En ambos casos, deberá acompañar una copia de su documento nacional
> > de identidad o documento válido que lo identifique.
> >
> >
> > -----Original Message-----
> > From: Freeradius-Users
> > [mailto:freeradius-users-bounces+javier.escalante=
> > bwireless.eu at lists.freeradius.org] On Behalf Of Alan Buxey
> > Sent: viernes, 22 de junio de 2018 20:06
> > To: FreeRadius users mailing list
> > Subject: Re: right tutorial
> >
> > hi,
> >
> > Could somebody tell us which tutorial /wiki can we follow in order
> > to
> > > properly configure freeradius 3.0.16?
> > >
> >
> > properly configure? you need to define what it is you are trying to do.
> > based on other replies there is history here that I havent seen (or
> > deleted amongst deluge of other posts) one persons
> > requirement/use-case rarely matches with another.
> >
> > take FreeRADIUS 3.0.16 - either built form source or via package. then
> > follow the guides (or read the docs in the config files themselves)
> > as required.
> >
> > DONT hack a load of the config around , start with basics (as per
> > docs)
> >
> >
> > alan
> > -
> > List info/subscribe/unsubscribe? See http://www.freeradius.org/
> > list/users.html
> >
> >
> > -
> > List info/subscribe/unsubscribe? See http://www.freeradius.org/
> > list/users.html
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/
> list/users.html
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/
> list/users.html
>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list