Re: Freeradius-Users digest, Vol 1 #2946 - 5 msgs

[Burak Sarrafi]

Hi! This config don't working properly at my system... ??? my users conf is : test            Auth-Type := Local, User-Password == "test123", Calling-Station-Id == "00-01-02-e0-71-75" my radius log is: (look at the bold line) rad_recv: Access-Request packet from host 10.10.0.2:2347, id=131, length=98         User-Name = "test"         NAS-IP-Address = 10.10.0.2         Framed-MTU = 1000         Calling-Station-Id = "00-01-02-e0-71-75"         Service-Type = Framed-User         NAS-Port-Type = Ethernet         EAP-Message = 0x020400090174657374         Message-Authenticator = 0xb3642d75b1e53875dc937545778db376 modcall: entering group authorize   modcall[authorize]: module "preprocess" returns ok   modcall[authorize]: module "chap" returns noop   rlm_eap: EAP packet type notification id 4 length 9   rlm_eap: EAP Start not found   modcall[authorize]: module "eap" returns updated     rlm_realm: No '@' in User-Name = "test", looking up realm NULL     rlm_realm: No such realm "NULL"   modcall[authorize]: module "suffix" returns noop     users: Matched test at 60   modcall[authorize]: module "files" returns ok   modcall[authorize]: module "mschap" returns noop modcall: group authorize returns updated   rad_check_password:  Found Auth-Type Local auth: type Local auth: No User-Password or CHAP-Password attribute in the request auth: Failed to validate the user. Delaying request 0 for 1 seconds Finished request 0 Going to the next request But when i try this config : test           User-Password == "test123", Calling-Station-Id == "00-01-02-e0-71-75"  it's ok.. And my radius log is: rad_recv: Access-Request packet from host 10.10.0.2:2347, id=139, length=153         User-Name = "test"         NAS-IP-Address = 10.10.0.2         Framed-MTU = 1000         Calling-Station-Id = "00-01-02-e0-71-75"         Service-Type = Framed-User         NAS-Port-Type = Ethernet         State = 0x8bf8ee1494b97564631ef3f0104c890823314c406514caee774d0c53df0b5417ad24f457         EAP-Message = 0x0202001a041097d9e706731114a8fcd9fd1dccf5e12474657374         Message-Authenticator = 0xecd09b2aef758655511a18376fe54063 modcall: entering group authorize   modcall[authorize]: module "preprocess" returns ok   modcall[authorize]: module "chap" returns noop   rlm_eap: EAP packet type notification id 2 length 26   rlm_eap: EAP Start not found   modcall[authorize]: module "eap" returns updated     rlm_realm: No '@' in User-Name = "test", looking up realm NULL     rlm_realm: No such realm "NULL"   modcall[authorize]: module "suffix" returns noop     users: Matched test at 61   modcall[authorize]: module "files" returns ok   modcall[authorize]: module "mschap" returns noop modcall: group authorize returns updated   rad_check_password:  Found Auth-Type EAP auth: type "EAP" modcall: entering group authenticate   rlm_eap: EAP packet type notification id 2 length 26   rlm_eap: EAP Start not found   rlm_eap: Request found, released from the list   rlm_eap: EAP_TYPE - md5   rlm_eap: processing type md5   rlm_eap: Freeing handler   modcall[authenticate]: module "eap" returns ok modcall: group authenticate returns ok Sending Access-Accept of id 139 to 10.10.0.2:2347         EAP-Message = 0x03020004         Message-Authenticator = 0x00000000000000000000000000000000 Finished request 1 Then why Auth-Type Local not working? Have u got any idea? Thanks, You will want something like this in your /usr/local/etc/raddb/users file. testuser Auth-Type := Local, User-Password == "testuser", Calling-Station-Id == "00-20-A6-4D-10-33" Session-Timeout = 600, Trapeze-VLAN-Name = "corp", Filter-Id = "all-access.in" Of course, some of your reply items will be different that the above. In my case, I am using Trapeze wireless gear. I have also seen MAC addresses sent to Radius in a few different formats depending on the equipment used. For example, 0020A6-4D1033 versus 00-20-A6-4D-10-33, etc. Good Luck. Jason On Fri, 5 Mar 2004, Burak Sarrafi wrote: Hi all, I've a single and simple question. I hope u can help me. I'm using Freeradiud and Cisco Cat series switch. I've done the configuration between freeradios and switch. Now using username & password auth. everythings is ok. But I want to check client's macaddress at radius server. Username + Password + Mac Address checking. How can I do ? Thanks from now. -- Burak Sarrafi <[EMAIL PROTECTED]> Network Specialist Sabanci University / IT Dept. Tel:+90-216-4839180 Fax:+90-216-4839186 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- Burak Sarrafi <[EMAIL PROTECTED]> Network Specialist Sabanci University / IT Dept. Tel:+90-216-4839180 Fax:+90-216-4839186