Alan DeKok wrote:
> Chan Min Wai <[EMAIL PROTECTED]> wrote:
>
>>>>What should I provided so that the auth-type will be automated?
>>>
>>> To do what?
>>
>>To switch to EAP or normal... auth method.
>
>
> The server does that automatically.
>
> Alan DeKok.
This is what I'm having...
Listening on authentication *:1812
Listening on accounting *:1813
Listening on proxy *:1814
Ready to process requests.
rad_recv: Access-Request packet from host 192.168.0.16:8021, id=21,
length=210
Framed-MTU = 1466
NAS-IP-Address = 192.168.0.16
NAS-Identifier = "D-Link"
User-Name = "[EMAIL PROTECTED]"
Service-Type = Framed-User
NAS-Port = 145
NAS-Port-Type = Ethernet
NAS-Port-Id = "ether10_145"
Called-Station-Id = "00-0f-3d-ce-17-c0"
Calling-Station-Id = "00-11-09-5f-a9-8b"
Connect-Info = "CONNECT Ethernet 2Mbps Full duplex"
EAP-Message = 0x020100180164636d776169406f636573622e636f6d2e6d79
Message-Authenticator = 0xb51aa67e9f55d1895a9f422c419a6cc2
rad_lowerpair: User-Name now '[EMAIL PROTECTED]'
rad_rmspace_pair: User-Name now '[EMAIL PROTECTED]'
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
radius_xlat: '/var/log/radius/radacct/192.168.0.16/auth-detail-20050318'
rlm_detail:
/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands
to /var/log/radius/radacct/192.168.0.16/auth-detail-20050318
modcall[authorize]: module "auth_log" returns ok for request 0
modcall[authorize]: module "chap" returns noop for request 0
modcall[authorize]: module "mschap" returns noop for request 0
rlm_realm: Looking up realm "ocesb.com.my" for User-Name =
"[EMAIL PROTECTED]"
rlm_realm: Found realm "ocesb.com.my"
rlm_realm: Adding Stripped-User-Name = "dcmwai"
rlm_realm: Proxying request from user dcmwai to realm ocesb.com.my
rlm_realm: Adding Realm = "ocesb.com.my"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 0
rlm_eap: EAP packet type response id 1 length 24
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 0
users: Matched DEFAULT at 165
users: Matched DEFAULT at 243
modcall[authorize]: module "files" returns ok for request 0
modcall: group authorize returns updated for request 0
Processing the authorize section of radiusd.conf
modcall: entering group Autz-Type for request 0
rlm_ldap: - authorize
rlm_ldap: performing user authorization for dcmwai
radius_xlat: '(uid=dcmwai)'
radius_xlat: 'dc=ocesb,dc=com,dc=my, dc=.'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to 203.115.210.254:389, authentication 0
rlm_ldap: bind as cn=Manager,dc=./oceldap1 to 203.115.210.254:389
rlm_ldap: waiting for bind result ...
rlm_ldap: Bind was successful
rlm_ldap: performing search in dc=ocesb,dc=com,dc=my, dc=., with filter
(uid=dcmwai)
rlm_ldap: checking if remote access for dcmwai is allowed by dialupAccess
rlm_ldap: performing search in
cn=default,ou=profiles,dc=ocesb,dc=com,dc=my,dc=., with filter
(objectclass=radiusprofile)
rlm_ldap: Adding radiusSimultaneousUse as Simultaneous-Use, value 1 & op=21
rlm_ldap: Adding radiusLoginLATGroup as NoCat-Groups, value Member & op=11
rlm_ldap: Adding radiusIdleTimeout as Idle-Timeout, value 60 & op=11
rlm_ldap: Adding radiusFramedMTU as Framed-MTU, value 1500 & op=11
rlm_ldap: Adding radiusServiceType as Service-Type, value Framed-User &
op=11
rlm_ldap: Added password PASSWORD in check items
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: Adding radiusLoginLATGroup as NoCat-Groups, value Member & op=11
rlm_ldap: Adding radiusSessionTimeout as Session-Timeout, value 300 & op=11
rlm_ldap: user dcmwai authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ocesbldap" returns ok for request 0
modcall: group Autz-Type returns ok for request 0
rad_check_password: Found Auth-Type ldap-ocesb
auth: type "ldap-ocesb"
Processing the authenticate section of radiusd.conf
modcall: entering group Auth-Type for request 0
rlm_ldap: - authenticate
rlm_ldap: Attribute "User-Password" is required for authentication.
modcall[authenticate]: module "ocesbldap" returns invalid for request 0
modcall: group Auth-Type returns invalid for request 0
auth: Failed to validate the user.
Login incorrect: [EMAIL PROTECTED]/<no User-Password attribute>]
(from client Dlink port 145 cli 00-11-09-5f-a9-8b)
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 21 to 192.168.0.16:8021
Waking up in 4 seconds...
I've something like this in the
authenticate {
Auth-Type PAP {
pap
}
Auth-Type CHAP {
chap
}
Auth-Type MS-CHAP {
mschap
}
unix
Auth-Type ldap-ocesb {
ocesbldap
}
Auth-Type ldap-opticcom {
opticscomldap
}
Auth-Type ldap-opticnet {
opticsnetldap
}
eap
}
Am I doing something wrong?
Regards.
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
