Re: Auth All but only for those in my clients.conf

Mon, 19 Dec 2005 14:11:46 -0800

Again, I did want to mention that only CHAP request fail, others go through fine with an Accept. 

#####################################################################

Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests.

rad_recv: Access-Request packet from host ##MyIPwasHere##:3457, id=0, 
length=57

      User-Name = "[EMAIL PROTECTED]"
      CHAP-Password = 0x7e842a573cd6363e06fe53a93a7b8d9e94
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0

radius_xlat: 
'/var/log/radius/radacct/##ClientIPwasHere##/auth-detail-20051219'
rlm_detail: /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d 
expands to /var/log/radius/radacct/##ClientIPwasHere##/auth-detail-20051219

modcall[authorize]: module "auth_log" returns ok for request 0



I think this is the problem.  Try commenting out chap in the authorize 
section.



rlm_chap: Setting 'Auth-Type := CHAP'
modcall[authorize]: module "chap" returns ok for request 0
modcall[authorize]: module "mschap" returns noop for request 0

  rlm_realm: Looking up realm "##MyDomainWasHere##/" for User-Name = 
"[EMAIL PROTECTED]/.com"

  rlm_realm: No such realm "##MyDomainWasHere##/.com"
modcall[authorize]: module "suffix" returns noop for request 0
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 0
  users: Matched entry DEFAULT at line 156



I'd have to assume this matches line (156) matches your Auth-Type := 
Accept.  However, for some reason its not overriding the Auth-Type := 
Chap, that was set earlier by the chap section of authorize.



modcall[authorize]: module "files" returns ok for request 0
modcall: group authorize returns ok for request 0
rad_check_password:  Found Auth-Type CHAP
auth: type "CHAP"
Processing the authenticate section of radiusd.conf
modcall: entering group Auth-Type for request 0
rlm_chap: login attempt by "[EMAIL PROTECTED]" with CHAP password

rlm_chap: Could not find clear text password for user 
[EMAIL PROTECTED]

modcall[authenticate]: module "chap" returns invalid for request 0
modcall: group Auth-Type returns invalid for request 0
auth: Failed to validate the user.

Login incorrect (rlm_chap: Clear text password not available): 
[EMAIL PROTECTED]/<CHAP-Password>] (from client ToddHome port 0)

Delaying request 0 for 1 seconds
Finished request 0



Try commenting out chap in authorize and authenticate and see what 
happens.
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html





















					Reply via email to