Hello
I use freeradius 0.1 together with cisco 2600 IOS version 12.0(7)T.
But cisco rejects any response from radius/ I have tried various cisco
configuration parameters but had no effect.
Some users was accepted by radius thus shared secret is correct.
cisco log:
Jul 27 18:45:15 194.190.177.183 354: 01:20:56: AAA/AUTHEN (1510843897): Method=r
adius (radius)
Jul 27 18:45:15 194.190.177.183 355: 01:20:56: RADIUS: ustruct sharecount=1
Jul 27 18:45:15 194.190.177.183 356: 01:20:56: RADIUS: Initial Transmit tty66 id
10 193.125.71.5:1812, Access-Request, len 75
Jul 27 18:45:15 194.190.177.183 357: 01:20:56: Attribute 4 6 C2BEB1B7
Jul 27 18:45:15 194.190.177.183 358: 01:20:56: Attribute 5 6 00000042
Jul 27 18:45:16 194.190.177.183 359: 01:20:56: Attribute 61 6 00000005
Jul 27 18:45:16 194.190.177.183 360: 01:20:56: Attribute 1 4 64641F0F
Jul 27 18:45:16 194.190.177.183 361: 01:20:56: Attribute 31 15 3139352E
Jul 27 18:45:16 194.190.177.183 362: 01:20:56: Attribute 2 18 CCB8F7A1
Jul 27 18:45:16 194.190.177.183 363: 01:20:56: RADIUS: Received from id 10 195.1
22.226.5:1812, Access-Accept, len 42
Jul 27 18:45:16 194.190.177.183 364: 01:20:56: Attribute 222 4 64640606
Jul 27 18:45:16 194.190.177.183 365: 01:20:56: Attribute 6 6 00000001
Jul 27 18:45:16 194.190.177.183 366: 01:20:56: Attribute 15 6 00000000
Jul 27 18:45:16 194.190.177.183 367: 01:20:56: Attribute 14 6 FFFFFFFF
Jul 27 18:45:16 194.190.177.183 368: 01:20:56: RADIUS: Response for non-existent
request ident
Jul 27 18:45:21 194.190.177.183 369: 01:21:01: RADIUS: Retransmit id 10
Jul 27 18:45:21 194.190.177.183 370: 01:21:01: RADIUS: Received from id 10 195.1
22.226.5:1812, Access-Accept, len 42
Jul 27 18:45:21 194.190.177.183 371: 01:21:01: Attribute 222 4 64640606
Jul 27 18:45:21 194.190.177.183 372: 01:21:01: Attribute 6 6 00000001
Jul 27 18:45:21 194.190.177.183 373: 01:21:01: Attribute 15 6 00000000
Jul 27 18:45:21 194.190.177.183 374: 01:21:01: Attribute 14 6 FFFFFFFF
Jul 27 18:45:21 194.190.177.183 375: 01:21:01: RADIUS: Response for non-existent
request ident
Jul 27 18:45:26 194.190.177.183 376: 01:21:06: RADIUS: Marking server 193.125.71
.5:1812,1813 dead
RADIUS LOG
rad_recv: Access-Request packet from host 194.190.177.194:1645, id=9, length=75
NAS-IP-Address = 194.190.177.183
NAS-Port = 66
NAS-Port-Type = Virtual
User-Name = "dd"
Calling-Station-Id = "195.122.226.5"
Password = "\272\334\306\275u\227\000\004\234\023\227u\354\371\265T"
modcall[autz]: Entering group at line 692
modcall[autz]: Module at line 692 returns ok
modcall[autz]: action for ok is 3
modcall[autz]: Module at line 695 returns ok
modcall[autz]: action for ok is 3
users: Matched dd at 72
modcall[autz]: Module at line 696 returns ok
modcall[autz]: action for ok is 3
modcall[autz]: Group at line 692 returns ok
rad_check_password: Found auth-type Local
auth: Local
Sending Access-Accept of id 9 to 194.190.177.194:1645
Service-Type = Framed-User
Framed-Protocol = PPP
Framed-IP-Address = 172.16.3.33
Framed-IP-Netmask = 255.255.255.0
Finished request 4
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 194.190.177.194:1645, id=9, length=75
Sending duplicate authentication reply to client 194.190.177.194:1645 - ID: 9
Sending Access-Accept of id 9 to 194.190.177.194
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Cleaning up request 4 ID 9 with timestamp 3b617bb5
Nothing to do. Sleeping until we see a request.
--
Andrei Koulik.
System administrator, Sandy Info Ltd. (ISP), Nizhny Novgorod, Russia
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
