Re: Authorize and Authenticate with FILES: "auth: Failed to validate the user"

Fri, 20 Feb 2004 04:29:18 -0800 

Thanks but:

How can I tell to freeradius who is the users???


In "users" file I have written:

DEFAULT Auth-Type = PAP
        Fall-Through = 1

sgisev Auth-Type := LOCAL ,  User-Password == "12345678"


and the freeradius error is:

[EMAIL PROTECTED] raddb]# rad_recv: Access-Request packet from host
192.168.49.252:1225, id=54, length=140
        User-Name = "anonymous"
        NAS-IP-Address = 192.168.49.252
        NAS-Port = 0
        Called-Station-Id = "00-80-C8-01-01-55"
        Calling-Station-Id = "00-0B-46-26-1C-44"
        NAS-Identifier = "DWL-1000AP+"
        Framed-MTU = 1380
        NAS-Port-Type = Wireless-802.11
        EAP-Message = 0x0201000e01616e6f6e796d6f7573
        Message-Authenticator = 0xdc4c33e656d580182f8ae53ac84293f4
modcall: entering group authorize for request 0
  modcall[authorize]: module "preprocess" returns ok for request 0
    users: Matched DEFAULT at 156
  modcall[authorize]: module "files" returns ok for request 0
modcall: group authorize returns ok for request 0
  rad_check_password:  Found Auth-Type PAP
auth: type "PAP"
modcall: entering group Auth-Type for request 0
rlm_pap: Attribute "Password" is required for authentication.
  modcall[authenticate]: module "pap" returns invalid for request 0
modcall: group Auth-Type returns invalid for request 0
auth: Failed to validate the user.
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 54 to 192.168.49.252:1225
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 54 with timestamp 4035fcd9
Nothing to do.  Sleeping until we see a request.
rad_recv: Access-Request packet from host 192.168.49.252:1225, id=55,
length=140
        User-Name = "anonymous"
        NAS-IP-Address = 192.168.49.252
        NAS-Port = 0
        Called-Station-Id = "00-80-C8-01-01-55"
        Calling-Station-Id = "00-0B-46-26-1C-44"
        NAS-Identifier = "DWL-1000AP+"
        Framed-MTU = 1380
        NAS-Port-Type = Wireless-802.11
        EAP-Message = 0x0201000e01616e6f6e796d6f7573
        Message-Authenticator = 0x7ee64368520996cda3142f0c7059a480
modcall: entering group authorize for request 1
  modcall[authorize]: module "preprocess" returns ok for request 1
    users: Matched DEFAULT at 156
  modcall[authorize]: module "files" returns ok for request 1
modcall: group authorize returns ok for request 1
  rad_check_password:  Found Auth-Type PAP
auth: type "PAP"
modcall: entering group Auth-Type for request 1
rlm_pap: Attribute "Password" is required for authentication.
  modcall[authenticate]: module "pap" returns invalid for request 1
modcall: group Auth-Type returns invalid for request 1
auth: Failed to validate the user.
Delaying request 1 for 1 seconds
Finished request 1
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
rad_recv: Access-Request packet from host 192.168.49.252:1225, id=56,
length=140
        User-Name = "anonymous"
        NAS-IP-Address = 192.168.49.252
        NAS-Port = 0
        Called-Station-Id = "00-80-C8-01-01-55"
        Calling-Station-Id = "00-0B-46-26-1C-44"
        NAS-Identifier = "DWL-1000AP+"
        Framed-MTU = 1380
        NAS-Port-Type = Wireless-802.11
        EAP-Message = 0x0202000e01616e6f6e796d6f7573
        Message-Authenticator = 0xa060e6b6b7489e59c65c8eb9154f7cd7
modcall: entering group authorize for request 2
  modcall[authorize]: module "preprocess" returns ok for request 2
    users: Matched DEFAULT at 156
  modcall[authorize]: module "files" returns ok for request 2
modcall: group authorize returns ok for request 2
  rad_check_password:  Found Auth-Type PAP
auth: type "PAP"
modcall: entering group Auth-Type for request 2
rlm_pap: Attribute "Password" is required for authentication.
  modcall[authenticate]: module "pap" returns invalid for request 2
modcall: group Auth-Type returns invalid for request 2
auth: Failed to validate the user.
Delaying request 2 for 1 seconds
Finished request 2
Going to the next request
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 55 to 192.168.49.252:1225
Sending Access-Reject of id 56 to 192.168.49.252:1225
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 1 ID 55 with timestamp 4035fce4
Cleaning up request 2 ID 56 with timestamp 4035fce4
Nothing to do.  Sleeping until we see a request.




Jos� Luis Solano
SGI - Soluciones Globales Internet S.A.
Delegaci�n Regional Sur
[EMAIL PROTECTED]
(+34) 954.088.060
----- Original Message -----
From: "Jean-Paul Chapalain" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, February 20, 2004 1:16 PM
Subject: Re: Authorize and Authenticate with FILES: "auth: Failed to
validate the user"


> Hi Jos�,
>
> Look at the config of "Alfa&Ariss client" and UNSELECT "Use anonymous
> user for outer authentication" in Properties.
>
> Jean-Paul.
>
> Jos� Luis Solano wrote:
> > Hi all!!!
> >
> >
> > I have installed freeradius-snapshot-20040216 with redhat 9.
> > I use Alfa&Ariss client under Windows XP, cisco pcmcia car on my laptop.
> >
> > I use FILES to authorize and authenticate, but TTLS don't run ok.
> >
> > any idea?? please help?? (Alan, Lionel, Jean-Paul, please!!!!)
> >
> >
> > freeradius logs
> > ------------------------------------------
> > [EMAIL PROTECTED] raddb]# rad_recv: Access-Request packet from host
192.168.49.252:1225, id=41, length=140
> >         User-Name = "anonymous"
> !!!!!!!!!!!!!! are you anonymous ?
>
> >         NAS-IP-Address = 192.168.49.252
> >         NAS-Port = 0
> >         Called-Station-Id = "00-80-C8-01-01-55"
> >         Calling-Station-Id = "00-0B-46-26-1C-44"
> >         NAS-Identifier = "DWL-1000AP+"
> >         Framed-MTU = 1380
> >         NAS-Port-Type = Wireless-802.11
> >         EAP-Message = 0x0201000e01616e6f6e796d6f7573
> >         Message-Authenticator = 0xd46c99136b226ede9c334c88dfb2fa91
> > modcall: entering group authorize for request 0
> >   modcall[authorize]: module "preprocess" returns ok for request 0
> >   modcall[authorize]: module "files" returns notfound for request 0
> > modcall: group authorize returns ok for request 0
> > auth: No authenticate method (Auth-Type) configuration found for the
request: Rejecting the user
> > auth: Failed to validate the user.
> > Delaying request 0 for 1 seconds
> > Finished request 0
> > Going to the next request
> > --- Walking the entire request list ---
> > Waking up in 1 seconds...
> > --- Walking the entire request list ---
> > Waking up in 1 seconds...
> > --- Walking the entire request list ---
> > Sending Access-Reject of id 41 to 192.168.49.252:1225
> > Waking up in 4 seconds...
> > --- Walking the entire request list ---
> > Cleaning up request 0 ID 41 with timestamp 4035e87f
> > Nothing to do.  Sleeping until we see a request.
> >
> >
> >
> >
> > users file
> > -----------------
> > sgisev Auth-Type := Local ,  User-Password == "12345678"
> >
> > DEFAULT Service-Type == Framed-User
> >         Framed-IP-Address = 255.255.255.254,
> >         Framed-MTU = 576,
> >         Service-Type = Framed-User,
> >         Fall-Through = Yes
> >
> > DEFAULT Framed-Protocol == PPP
> >         Framed-Protocol = PPP,
> >         Framed-Compression = Van-Jacobson-TCP-IP
> >
> > DEFAULT Hint == "CSLIP"
> >         Framed-Protocol = SLIP,
> >         Framed-Compression = Van-Jacobson-TCP-IP
> >
> > DEFAULT Hint == "SLIP"
> >         Framed-Protocol = SLIP
> >
> >
> > radiusd.conf
> > -------------------------
> >  eap {
> >                 default_eap_type = tls
> >
> >                 timer_expire     = 60
> >                 ignore_unknown_eap_types = no
> >
> >                 md5 {
> >                 }
> >                 leap {
> >                 }
> >
> >                 tls {
> >                         private_key_password = izadisan
> >                         private_key_file =
/usr/local/openssl/ssl/certs/server/server.pem
> >
> >                         certificate_file =
/usr/local/openssl/ssl/certs/server/server.pem
> >
> >                         CA_file = /usr/local/openssl/ssl/certs/ca/ca.pem
> >
> >                         dh_file = /usr/local/openssl/ssl/certs/dh
> >
> >                         random_file =
/usr/local/openssl/ssl/certs/random
> >
> >
> >                                 fragment_size = 1024
> >
> >                                 include_length = yes
> >                 }
> >                 ttls {
> >                    default_eap_type=md5
> >                    copy_request_to_tunnel = no
> >                    use_tunneled_reply=no
> >
> >                 }
> >         }
> >
> >
> >
> >
> >
> > Jos� Luis Solano
> > SGI - Soluciones Globales Internet S.A.
> > Delegaci�n Regional Sur
> > [EMAIL PROTECTED]
> > (+34) 954.088.060
> >
>
> --
> --  Jean-Paul Chapalain - GICM -  Resp. Reseaux et Infrastructure
> --  32 rue Mirabeau - Le Relecq-Kerhuon - 29808 Brest Cedex 9, FRANCE
> --  Tel +33298002873 - Fax +33298284005 - [EMAIL PROTECTED]
> --  Key Fingerprint: 192C 1CFE F24A 050D F280 A086 AF15 8631 3ABB 4C7D
>


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to