Rob wrote: > While I am using Calling-Station-Id freeradius does not authenicate > user. Without calling-station-id (user Rob) works Ok. Can anybody > point me where is the problem? > Checkval exists in radiusd.conf.
Checkval isn't needed. I have no idea why you would use it here. > Freeradius 1.1.7 > user file: > "Alan" User-Password == "12345", Calling-Station-Id == "000d88b7c2de" You don't need quotes around the user name. The examples in the "users" file show this. You need to use Cleartext-Password := ..., too. This is in the FAQ. > "Rob" User-Password == "123456" > DEFAULT Auth-Type = EAP,EAP-Type == PEAP, Proxy-To-Realm = LOCAL Delete that last line. I have no idea why so many people insist on setting Auth-Type. Can you please explain why you added it, and which documentation said it was a good idea? All of the documentation that is shipped with the server says that you are NOT supposed to add it. > Log from radius -X: ... > peap: copy_request_to_tunnel = no The Calling-Station-Id is *not* present in the tunneled request. So... unless you set this to "yes", the entry above in the "users" file will NOT match! And the debug log shows this: ... > modcall[authorize]: module "files" returns notfound for request 6 See? No match. > modcall: leaving group authorize (returns updated) for request 6 ... > rlm_mschap: No User-Password configured. Cannot create LM-Password. > rlm_mschap: No User-Password configured. Cannot create NT-Password. > rlm_mschap: Told to do MS-CHAPv2 for Alan with NT-Password > rlm_mschap: FAILED: No NT/LM-Password. Cannot perform authentication. And then authentication fails. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
