Shut off all the useless stuff you have in your configuration and stick
to the bare bones configuration needed to authenticate your test user.
Once you have authenticated him properly, add the stuff back in that you
need, one module at a time and troubleshoot each one as required until
your system is working as you want it to.
Read the man pages and the documentation that comes with the
distribution or from the freeradius.org site and learn what each portion
of your configuration file is for and what it controls. The last thing
you need to do is blindly go in and start commenting things out because
that will turn your mess into a disaster.
Once you have read the docs and have a bare bones system operating
correctly, you will understand the [ms]chap errors you mentioned in your
radiusd output and you will know how to interpret them.
On Wed, 2002-12-04 at 09:19, Maurizio Martinoli wrote:
> Hi everybody, i have a problem with radtest and i can't find a solution to that, so
>i'd be greatful if comeone could help me out.
> I tried to do it myself for hours, i sat, thoight, and didn't solve anything, so i'm
>here for someone that is nice to help me out.
>
> First of all this is how i configured the configuration files:
>
> in clients.conf i have:
> client 127.0.0.1 {
> secret = testing123
> shortname = localhost
> }
>
> in proxy.conf i have:
> realm NULL {
> type = radius
> authhost = localhost:1600
> accthost = localhost:1601
> secret = testing123
> }
>
> in users i have:
> "martinoli" Auth-Type := Local, User-Password =="test"
> Reply-Message = "Hello, %u"
>
> now if i run
> ./radtest -d /usr/local/etc/raddb/ martinoli test localhost:1812 1900 testing123
>
> this is what i get:
> Sending Access-Request of id 88 to 127.0.0.1:1812
> User-Name = "martinoli"
> User-Password = "\033\253\016\341\232\267o\031\010\017\366Q\326\246\255""
> NAS-IP-Address = radius
> NAS-Port = 1900
> rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=88, length=31
> Reply-Message = "Hello, %u"
>
> and radiusd output is:
> rad_recv: Access-Request packet from host 127.0.0.1:1039, id=88, length=61
> User-Name = "martinoli"
> User-Password = "martinolim"
> NAS-IP-Address = 255.255.255.255
> NAS-Port = 1900
> modcall: entering group authorize
> modcall[authorize]: module "preprocess" returns ok
> rlm_chap: Could not find proper Chap-Password attribute in request
> modcall[authorize]: module "chap" returns noop
> modcall[authorize]: module "mschap" returns notfound
> rlm_realm: No '@' in User-Name = "martinoli", looking up realm NULL
> rlm_realm: Found realm NULL
> rlm_realm: Adding Stripped-User-Name = "martinoli"
> rlm_realm: Proxying request from user martinoli to realm NULL
> rlm_realm: Adding Realm = "NULL"
> rlm_realm: Preparing to proxy authentication request to realm NULL
> modcall[authorize]: module "suffix" returns updated
> users: Matched martinoli at 97
> modcall[authorize]: module "files" returns ok
> modcall: group authorize returns updated
> There was no response configured: rejecting request 0
> Server rejecting request 0.
> Finished request 0
> Going to the next request
>
> The only error i can see is here
> rlm_chap: Could not find proper Chap-Password attribute in request
> modcall[authorize]: module "chap" returns noop
> modcall[authorize]: module "mschap" returns notfound
>
> but i don't know how to solve this problem....
> can anyone tell me what i am doing wrong?
> what is the difference if i run:
> ./radtest -d /usr/local/etc/raddb/ martinoli test localhost:1812 1900 testing123
> or
> ./radtest -d /usr/local/etc/raddb/ martinoli test localhost:1812 1900 auth testing123
> Seems that if i run the latter i get:
> rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=94, length=20
> rad_decode: Received Access-Reject packet from 127.0.0.1 with invalid signature!
> which i don't know what it means...
>
> thanks for anyone taht can help me out!
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
Regards,
Jason A. Lixfeld Fastvibe Corporation
Senior IP Network Engineer 220-156 Front St. W
[EMAIL PROTECTED] Toronto, ON M5V-2L6
-------------------------------------------------------------
tel://416.341.0099:223 fax://416.341.0088
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
