I'm willing to bet that it might have something to do with the fact that
your users file says Local and your radiusd -X says System.
On Tue, 2002-12-03 at 11:20, [EMAIL PROTECTED] wrote:
> Hi all, i am trying to send packets but they are all denied.
> This is what i did:
> file users:
> "martinoli" Auth-Type := Local, User-Password =="martinolim"
> Reply-Message = "Hello, u%"
>
> file naslist:
> localhost local portslave
>
> file clients.conf:
> client 127.0.0.1 {
> secret = testing123
> shortname = localhost
> }
>
> when i run ./radiusd -X i get:
> Starting - reading configuration files ...
> reread_config: reading radiusd.conf
> Config: including file: /usr/local/etc/raddb/proxy.conf
> Config: including file: /usr/local/etc/raddb/clients.conf
> Config: including file: /usr/local/etc/raddb/snmp.conf
> Config: including file: /usr/local/etc/raddb/sql.conf
> main: prefix = "/usr/local"
> main: localstatedir = "/usr/local/var"
> main: logdir = "/usr/local/var/log/radius"
> main: libdir = "/usr/local/lib"
> main: radacctdir = "/usr/local/var/log/radius/radacct"
> main: hostname_lookups = no
> main: max_request_time = 30
> main: cleanup_delay = 5
> main: max_requests = 1024
> main: delete_blocked_requests = 0
> main: port = 0
> main: allow_core_dumps = no
> main: log_stripped_names = yes
> main: log_file = "/usr/local/var/log/radius/radius.log"
> main: log_auth = no
> main: log_auth_badpass = no
> main: log_auth_goodpass = no
> main: pidfile = "/usr/local/var/run/radiusd/radiusd.pid"
> main: user = "(null)"
> main: group = "(null)"
> main: usercollide = no
> main: lower_user = "no"
> main: lower_pass = "no"
> main: nospace_user = "no"
> main: nospace_pass = "no"
> main: checkrad = "/usr/local/sbin/checkrad"
> main: proxy_requests = off
> proxy: retry_delay = 5
> proxy: retry_count = 3
> proxy: synchronous = no
> proxy: default_fallback = yes
> proxy: dead_time = 120
> proxy: servers_per_realm = 15
> security: max_attributes = 200
> security: reject_delay = 1
> security: status_server = no
> main: debug_level = 0
> read_config_files: reading dictionary
> read_config_files: reading naslist
> read_config_files: reading clients
> read_config_files: reading realms
> radiusd: entering modules setup
> Module: Library search path is /usr/local/lib
> Module: Loaded expr
> Module: Instantiated expr (expr)
> Module: Loaded PAP
> pap: encryption_scheme = "crypt"
> Module: Instantiated pap (pap)
> Module: Loaded CHAP
> Module: Instantiated chap (chap)
> Module: Loaded MS-CHAP
> mschap: ignore_password = no
> mschap: use_mppe = yes
> mschap: require_encryption = no
> mschap: require_strong = no
> mschap: passwd = "(null)"
> mschap: authtype = "MS-CHAP"
> Module: Instantiated mschap (mschap)
> Module: Loaded System
> unix: cache = no
> unix: passwd = "(null)"
> unix: shadow = "(null)"
> unix: group = "(null)"
> unix: radwtmp = "/usr/local/var/log/radius/radwtmp"
> unix: usegroup = no
> unix: cache_reload = 600
> Module: Instantiated unix (unix)
> Module: Loaded preprocess
> preprocess: huntgroups = "/usr/local/etc/raddb/huntgroups"
> preprocess: hints = "/usr/local/etc/raddb/hints"
> preprocess: with_ascend_hack = no
> preprocess: ascend_channels_per_line = 23
> preprocess: with_ntdomain_hack = no
> preprocess: with_specialix_jetstream_hack = no
> preprocess: with_cisco_vsa_hack = no
> Module: Instantiated preprocess (preprocess)
> Module: Loaded realm
> realm: format = "suffix"
> realm: delimiter = "@"
> Module: Instantiated realm (suffix)
> Module: Loaded files
> files: usersfile = "/usr/local/etc/raddb/users"
> files: acctusersfile = "/usr/local/etc/raddb/acct_users"
> files: preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users"
> files: compat = "no"
> Module: Instantiated files (files)
> Module: Loaded Acct-Unique-Session-Id
> acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address,
> Client-IP-Address, NAS-Port-Id"
> Module: Instantiated acct_unique (acct_unique)
> Module: Loaded detail
> detail: detailfile =
> "/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
> detail: detailperm = 384
> detail: dirperm = 493
> detail: locking = no
> Module: Instantiated detail (detail)
> Module: Loaded radutmp
> radutmp: filename = "/usr/local/var/log/radius/radutmp"
> radutmp: username = "%{User-Name}"
> radutmp: perm = 384
> radutmp: callerid = yes
> Module: Instantiated radutmp (radutmp)
> Listening on IP address *, ports 1812/udp and 1813/udp.
> Ready to process requests.
>
>
> when i run:
> ./radtest martinoli martinolim localhost:1812 1900 auth testing123
> i get:
> Sending Access-Request of id 196 to 127.0.0.1:1812
> User-Name = "martinoli"
> User-Password = ";\232X\0233\364\262!\353\257\254\304\035|\332."
> NAS-IP-Address = radius
> NAS-Port = 1900
> Framed-Protocol = PPP
> rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=196, length=20
> rad_decode: Received Access-Reject packet from 127.0.0.1 with invalid
> signature!
>
>
> and radiusd says:
> rad_recv: Access-Request packet from host 127.0.0.1:1066, id=213, length=67
> User-Name = "martinoli"
> User-Password = "\220\271\r<\r=\207\037\277\\#!\340\2505\347"
> NAS-IP-Address = 255.255.255.255
> NAS-Port = 1900
> Framed-Protocol = PPP
> modcall: entering group authorize
> modcall[authorize]: module "preprocess" returns ok
> rlm_chap: Could not find proper Chap-Password attribute in request
> modcall[authorize]: module "chap" returns noop
> modcall[authorize]: module "mschap" returns notfound
> rlm_realm: No '@' in User-Name = "martinoli", looking up realm NULL
> rlm_realm: No such realm NULL
> modcall[authorize]: module "suffix" returns noop
> users: Matched DEFAULT at 155
> users: Matched DEFAULT at 174
> users: Matched DEFAULT at 186
> modcall[authorize]: module "files" returns ok
> modcall: group authorize returns ok
> rad_check_password: Found Auth-Type System
> auth: type "System"
> modcall: entering group authenticate
> modcall[authenticate]: module "unix" returns notfound
> modcall: group authenticate returns notfound
> auth: Failed to validate the user.
> WARNING: Unprintable characters in the password. ? Double-check the
> shared secret on the server and the NAS!
> Delaying request 0 for 1 seconds
> Finished request 0
> Going to the next request
> --- Walking the entire request list ---
> Waking up in 1 seconds...
> --- Walking the entire request list ---
> Waking up in 1 seconds...
> --- Walking the entire request list ---
> Sending Access-Reject of id 213 to 127.0.0.1:1066
> Waking up in 4 seconds...
> --- Walking the entire request list ---
> Cleaning up request 0 ID 213 with timestamp 3decd93d
> Nothing to do. Sleeping until we see a request.
>
> Can anyone tell me what i am doing wrong?
> Thank you very much!
>
>
> --------------------------------------------------------------------
> mail2web - Check your email from the web at
> http://mail2web.com/ .
>
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
Regards,
Jason A. Lixfeld Fastvibe Corporation
Senior IP Network Engineer 220-156 Front St. W
[EMAIL PROTECTED] Toronto, ON M5V-2L6
-------------------------------------------------------------
tel://416.341.0099:223 fax://416.341.0088
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
