Hi!

This config don't working properly at my system... ???

my users conf is :

test            Auth-Type := Local, User-Password == "test123", Calling-Station-Id == "00-01-02-e0-71-75"

my radius log is: (look at the bold line)

rad_recv: Access-Request packet from host 10.10.0.2:2347, id=131, length=98
        User-Name = "test"
        NAS-IP-Address = 10.10.0.2
        Framed-MTU = 1000
        Calling-Station-Id = "00-01-02-e0-71-75"
        Service-Type = Framed-User
        NAS-Port-Type = Ethernet
        EAP-Message = 0x020400090174657374
        Message-Authenticator = 0xb3642d75b1e53875dc937545778db376
modcall: entering group authorize
  modcall[authorize]: module "preprocess" returns ok
  modcall[authorize]: module "chap" returns noop
  rlm_eap: EAP packet type notification id 4 length 9
  rlm_eap: EAP Start not found
  modcall[authorize]: module "eap" returns updated
    rlm_realm: No '@' in User-Name = "test", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop
    users: Matched test at 60
  modcall[authorize]: module "files" returns ok
  modcall[authorize]: module "mschap" returns noop
modcall: group authorize returns updated
  rad_check_password:  Found Auth-Type Local
auth: type Local
auth: No User-Password or CHAP-Password attribute in the request
auth: Failed to validate the user.

Delaying request 0 for 1 seconds
Finished request 0
Going to the next request


But when i try this config :

test           User-Password == "test123", Calling-Station-Id == "00-01-02-e0-71-75"

 it's ok..

And my radius log is:

rad_recv: Access-Request packet from host 10.10.0.2:2347, id=139, length=153
        User-Name = "test"
        NAS-IP-Address = 10.10.0.2
        Framed-MTU = 1000
        Calling-Station-Id = "00-01-02-e0-71-75"
        Service-Type = Framed-User
        NAS-Port-Type = Ethernet
        State = 0x8bf8ee1494b97564631ef3f0104c890823314c406514caee774d0c53df0b5417ad24f457
        EAP-Message = 0x0202001a041097d9e706731114a8fcd9fd1dccf5e12474657374
        Message-Authenticator = 0xecd09b2aef758655511a18376fe54063
modcall: entering group authorize
  modcall[authorize]: module "preprocess" returns ok
  modcall[authorize]: module "chap" returns noop
  rlm_eap: EAP packet type notification id 2 length 26
  rlm_eap: EAP Start not found
  modcall[authorize]: module "eap" returns updated
    rlm_realm: No '@' in User-Name = "test", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop
    users: Matched test at 61
  modcall[authorize]: module "files" returns ok
  modcall[authorize]: module "mschap" returns noop
modcall: group authorize returns updated
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
  rlm_eap: EAP packet type notification id 2 length 26
  rlm_eap: EAP Start not found
  rlm_eap: Request found, released from the list
  rlm_eap: EAP_TYPE - md5
  rlm_eap: processing type md5
  rlm_eap: Freeing handler
  modcall[authenticate]: module "eap" returns ok
modcall: group authenticate returns ok
Sending Access-Accept of id 139 to 10.10.0.2:2347
        EAP-Message = 0x03020004
        Message-Authenticator = 0x00000000000000000000000000000000
Finished request 1

Then why Auth-Type Local not working? Have u got any idea?

Thanks,

You will want something like this in your /usr/local/etc/raddb/users file.


testuser             Auth-Type := Local, User-Password == "testuser", Calling-Station-Id == "00-20-A6-4D-10-33"
                     Session-Timeout = 600,
                     Trapeze-VLAN-Name = "corp",
                     Filter-Id = "all-access.in"

Of course, some of your reply items will be different that the above. In
my case, I am using Trapeze wireless gear.

I have also seen MAC addresses sent to Radius in a few different formats
depending on the equipment used. For example, 0020A6-4D1033 versus
00-20-A6-4D-10-33, etc.

Good Luck.

Jason

On Fri, 5 Mar 2004, Burak Sarrafi wrote:

  
Hi all,

I've a single and simple question. I hope u can help me.

I'm using Freeradiud and Cisco Cat series switch. I've done the
configuration between freeradios and switch.
Now using username & password auth. everythings is ok. But I want to
check client's macaddress at radius server. Username + Password + Mac
Address checking.

How can I do ?

Thanks from now.

--
Burak Sarrafi <[EMAIL PROTECTED]>
Network Specialist
Sabanci University / IT Dept.
Tel:+90-216-4839180
Fax:+90-216-4839186



-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

    
-- 
Burak Sarrafi <[EMAIL PROTECTED]>
Network Specialist
Sabanci University / IT Dept.
Tel:+90-216-4839180
Fax:+90-216-4839186

Reply via email to