The problem is quite obvious, so you have one of two choices. 1) Install the correct freeradius module to coincide with the method the wolverine is using to authenticate 2) change the authentication method of the wolverine to coincide with the way freeradius is configured. I would suggest you examine your freeradius logs in detail, line by line. Cross reference the entries from the logs with your configuration file and you will eventually figure it out.
> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] On Behalf Of > Glynn Taylor > Sent: Wednesday, October 16, 2002 11:15 AM > To: [EMAIL PROTECTED] > Subject: (Plain Text This time, sorry) Possible Newbie conf > issue: VPN authenticating against FreeRadius > > > > I have a Wolverine VPN (www.coyotelinux.com) attempting to > authenticate > against FreeRadius. I have installed Wolverine and it works > ok with local > authentication. I have FreeRadius installed on another box. > I uncommented > out user steve in the users file for testing. I can get a positive > authentications when using Radping. If I try to authenticate steve via > Wolverine (where another box trys to start a pptp session > through wolverine > using steve as the userid with password) it fails. The dump of the two > conversations is below. Any ideas are way appreciated. > > Wolverine is 192.168.0.2 > FreeRadius is 192.168.0.3 > My workstation with NTRadPing is 192.168.0.125 > > Thanks > GT > > > Here is the Trace, I put in my comments surounded by plus(+) signs: > > > > [root@wfcRadiusSql01 raddb]# radiusd -sfxxyz -l stdout > Starting - reading configuration files ... > reread_config: reading radiusd.conf > Config: including file: /etc/raddb/proxy.conf > Config: including file: /etc/raddb/clients.conf > Config: including file: /etc/raddb/snmp.conf > Config: including file: /etc/raddb/sql.conf > main: prefix = "/usr/local" > main: localstatedir = "/var" > main: logdir = "/var/log/radius" > main: libdir = "/usr/local/lib" > main: radacctdir = "/var/log/radius/radacct" > main: hostname_lookups = no > read_config_files: reading dictionary > read_config_files: reading clients > read_config_files: reading realms > read_config_files: reading naslist > main: max_request_time = 30 > main: cleanup_delay = 5 > main: max_requests = 1024 > main: delete_blocked_requests = 0 > main: port = 0 > main: allow_core_dumps = no > main: log_stripped_names = no > main: log_auth = no > main: log_auth_badpass = no > main: log_auth_goodpass = no > main: pidfile = "/var/run/radiusd/radiusd.pid" > main: user = "(null)" > main: group = "(null)" > main: usercollide = no > main: lower_user = "no" > main: lower_pass = "no" > main: nospace_user = "no" > main: nospace_pass = "no" > main: proxy_requests = yes > proxy: retry_delay = 5 > proxy: retry_count = 3 > proxy: synchronous = no > proxy: default_fallback = yes > proxy: dead_time = 120 > security: max_attributes = 200 > security: reject_delay = 1 > main: debug_level = 0 > read_config_files: entering modules setup > Module: Library search path is /usr/local/lib > Module: Loaded System > unix: cache = yes > unix: passwd = "/etc/passwd" > unix: shadow = "/etc/shadow" > unix: group = "/etc/group" > unix: radwtmp = "/var/log/radius/radwtmp" > unix: usegroup = no > unix: cache_reload = 600 > HASH: Reinitializing hash structures and lists for caching... > HASH: user root found in hashtable bucket 11726 > HASH: user bin found in hashtable bucket 86651 > HASH: user daemon found in hashtable bucket 11668 > HASH: user adm found in hashtable bucket 26466 > HASH: user lp found in hashtable bucket 54068 > HASH: user sync found in hashtable bucket 42895 > HASH: user shutdown found in hashtable bucket 71746 > HASH: user halt found in hashtable bucket 7481 > HASH: user mail found in hashtable bucket 79471 > HASH: user news found in hashtable bucket 5375 > HASH: user uucp found in hashtable bucket 38541 > HASH: user operator found in hashtable bucket 21748 > HASH: user games found in hashtable bucket 47657 > HASH: user gopher found in hashtable bucket 47357 > HASH: user ftp found in hashtable bucket 56226 > HASH: user nobody found in hashtable bucket 99723 > HASH: user ntp found in hashtable bucket 21418 > HASH: user rpc found in hashtable bucket 72373 > HASH: user vcsa found in hashtable bucket 25959 > HASH: user nscd found in hashtable bucket 36306 > HASH: user sshd found in hashtable bucket 71560 > HASH: user rpm found in hashtable bucket 72383 > HASH: user mailnull found in hashtable bucket 78086 > HASH: user smmsp found in hashtable bucket 13600 > HASH: user rpcuser found in hashtable bucket 552 > HASH: user nfsnobody found in hashtable bucket 51830 > HASH: user pcap found in hashtable bucket 55326 > HASH: user xfs found in hashtable bucket 17213 > HASH: user named found in hashtable bucket 7729 > HASH: user gdm found in hashtable bucket 50360 > HASH: user postgres found in hashtable bucket 19301 > HASH: user apache found in hashtable bucket 26582 > HASH: user postfix found in hashtable bucket 23093 > HASH: user squid found in hashtable bucket 62826 > HASH: user webalizer found in hashtable bucket 3037 > HASH: user mysql found in hashtable bucket 46314 > HASH: user glynn found in hashtable bucket 57940 > HASH: Stored 37 entries from /etc/passwd > HASH: Stored 47 entries from /etc/group > Module: Instantiated unix (unix) > Module: Loaded preprocess > preprocess: huntgroups = "/etc/raddb/huntgroups" > preprocess: hints = "/etc/raddb/hints" > preprocess: with_ascend_hack = no > preprocess: ascend_channels_per_line = 23 > preprocess: with_ntdomain_hack = no > preprocess: with_specialix_jetstream_hack = no > preprocess: with_cisco_vsa_hack = no > Module: Instantiated preprocess (preprocess) > Module: Loaded realm > realm: format = "suffix" > realm: delimiter = "@" > Module: Instantiated realm (suffix) > Module: Loaded files > files: usersfile = "/etc/raddb/users" > files: acctusersfile = "/etc/raddb/acct_users" > files: compat = "no" > Module: Instantiated files (files) > Module: Loaded detail > detail: detailfile = > "/var/log/radius/radacct/%{Client-IP-Address}/detail" > detail: detailperm = 384 > detail: dirperm = 493 > detail: locking = no > Module: Instantiated detail (detail) > Module: Loaded radutmp > radutmp: filename = "/var/log/radius/radutmp" > radutmp: username = "%{User-Name}" > radutmp: perm = 384 > radutmp: callerid = yes > Module: Instantiated radutmp (radutmp) > > ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > > This is where it succeeds from ntRadPing > > ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > > > Listening on IP address *, ports 1812/udp and 1813/udp, with proxy on > 1814/udp. > Ready to process requests. > rad_recv: Access-Request packet from host 192.168.0.125:4538, id=1, > length=45 > User-Name = "steve" > User-Password = > "\333z\233\276\246\303\301\026\0029\241\367\003\322\027\305" > modcall: entering group authorize > modcall[authorize]: module "preprocess" returns ok > rlm_realm: Looking up realm NULL for User-Name = "steve" > rlm_realm: No such realm NULL > modcall[authorize]: module "suffix" returns noop > users: Matched steve at 80 > modcall[authorize]: module "files" returns ok > modcall: group authorize returns ok > rad_check_password: Found Auth-Type Local > auth: type Local > auth: user supplied User-Password matches local User-Password > Sending Access-Accept of id 1 to 192.168.0.125:4538 > Service-Type = Framed-User > Framed-Protocol = PPP > Framed-IP-Address = 172.16.3.33 > Framed-IP-Netmask = 255.255.255.0 > Framed-Routing = Broadcast-Listen > Framed-Filter-Id = "std.ppp" > Framed-MTU = 1500 > Framed-Compression = Van-Jacobson-TCP-IP > Finished request 0 > Going to the next request > --- Walking the entire request list --- > Waking up in 6 seconds... > --- Walking the entire request list --- > Cleaning up request 0 ID 1 with timestamp 3dad7ad6 > Nothing to do. Sleeping until we see a request. > > > ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > > This is where it fails with wolverine > > ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > > rad_recv: Access-Request packet from host 192.168.0.2:32768, id=18, > length=121 > Service-Type = Framed-User > Framed-Protocol = PPP > User-Name = "steve" > MS-CHAP-Challenge = 0x76ee9496439d61f78db9a181d987ee42 > MS-CHAP2-Response = > 0x01003f787372c0ca0cd11f4b8291f102aa8f00000000000000003bca104a > b18c2d6800d746 > 815be19f8e1167e96f523b927f > modcall: entering group authorize > modcall[authorize]: module "preprocess" returns ok > rlm_realm: Looking up realm NULL for User-Name = "steve" > rlm_realm: No such realm NULL > modcall[authorize]: module "suffix" returns noop > users: Matched steve at 80 > modcall[authorize]: module "files" returns ok > modcall: group authorize returns ok > rad_check_password: Found Auth-Type Local > auth: type Local > auth: No User-Password or CHAP-Password attribute in the request > auth: Failed to validate the user. > Delaying request 1 for 1 seconds > Finished request 1 > Going to the next request > --- Walking the entire request list --- > Waking up in 1 seconds... > --- Walking the entire request list --- > Waking up in 1 seconds... > --- Walking the entire request list --- > Sending Access-Reject of id 18 to 192.168.0.2:32768 > Waking up in 4 seconds... > --- Walking the entire request list --- > Cleaning up request 1 ID 18 with timestamp 3dad7ae7 > Nothing to do. Sleeping until we see a request. > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
