firstly, thanks Mathew Newton and alan buxey. I run freeradius -X and run test in ciso asa5520. details as follows. rad_recv: Access-Request packet from host 192.168.30.254 port 1025, id=72, length=61 User-Name = "tsb" User-Password = "123456" NAS-IP-Address = 192.168.30.254 NAS-Port = 64 NAS-Port-Type = Virtual # Executing section authorize from file /opt/freeadius/etc/raddb/sites-enabled/default +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop ++[digest] returns noop [suffix] No '@' in User-Name = "tsb", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[files] returns noop ++[expiration] returns noop ++[logintime] returns noop [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. Using Post-Auth-Type REJECT # Executing group from file /opt/freeadius/etc/raddb/sites-enabled/default +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} -> tsb attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 1 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 1 Sending Access-Reject of id 72 to 192.168.30.254 port 1025 Waking up in 4.9 seconds. Cleaning up request 1 ID 72 with timestamp +430 Ready to process requests. I have add user such as following format cat users | sed -n '/^[^#]/p' tsb Cleartext-Password := "123456" DEFAULT Framed-Protocol == PPP Framed-Protocol = PPP, Framed-Compression = Van-Jacobson-TCP-IP DEFAULT Hint == "CSLIP" Framed-Protocol = SLIP, Framed-Compression = Van-Jacobson-TCP-IP DEFAULT Hint == "SLIP" Framed-Protocol = SLIP
So I still problem with user fomat in file users? pls give me some advice. thanks
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html