Just a stupid question. Is your freeradius compiled with mysql support?
Do you have rlm_sql_mysql in your module dir? Regards Luciano On Fri, Jan 16, 2009 at 11:49 AM, obaid ghaznawi <[email protected]> wrote: > hi, first of all, i thank all people who are giving thier time to help. > > before i subscribe here and post my email, i am searching around in > internet since a week > and trying my best to solve it, i have learned many things,but there is one > problem i cannot get it solved. > i am trying to make hotspot for some building, i choosed: > Freeradius + Mysql = running on 1 computer (ubuntu server 8.10) as backend > server > and CoovaAP on WRT54GL sending user credentials to backend server for > authentication > my configs (default settings not showed, lines i changed showed) > > freeradius radiusd.conf > ================================================ > . > . all default > . > log { > . > . > #at the end of log{ > auth = yes > auth_badpass = yes > auth_goodpass = yes > } > > modules { > . > . > . > $INCLUDE sql.conf #already there > $INCLUDE sql/mysql/counter.conf #already there > . > . > . > } > > authorize{ > preprocess > chap > mschap > suffix > eap > sql #if i comment out sql and use file, it works, i recive > Packet-Accept, with SQL see the pap warning in debug text > pap > } > > accounting{ > detail > sql > } > > session{ > sql > } > ================================================== > clients.conf > > client localhost { > ipaddr = 127.0.0.1 > secret = clientradsec36365 > require_message_authenticator = no > nastype = other > > } > ================================================== > sql.conf > sql { > database = "mysql" > driver = "rlm_sql_${database}" > server = "localhost" > login = "radius" > password = "frsqldblogin36365" > radius_db = "radius" > . > . > . > sqltrace = yes > sqltracefile = ${logdir}/sqltrace.sql > . > . > } > > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ > > /etc/freeradius/sql/mysql/schema.sql and nas.sql has been imported into > mysql "radius" database, rad...@localhost user granted all on radius.* > > dummy data in tables: > > mysql> SELECT * FROM radcheck; > +----+----------+--------------------+----+-------+ > | id | username | attribute | op | value | > +----+----------+--------------------+----+-------+ > | 1 | obaid | Cleartext-Password | := | 36365 | > +----+----------+--------------------+----+-------+ > 1 row in set (0.00 sec) > > mysql> SELECT * FROM radusergroup; > +----------+-----------+----------+ > | username | groupname | priority | > +----------+-----------+----------+ > | obaid | hotspot | 0 | > +----------+-----------+----------+ > 1 row in set (0.01 sec) > > mysql> SELECT * FROM radgroupcheck; > +----+-----------+-----------+----+-------+ > | id | groupname | attribute | op | value | > +----+-----------+-----------+----+-------+ > | 2 | hotspot | Auth-Type | := | Local | > +----+-----------+-----------+----+-------+ > 1 row in set (0.00 sec) > > > mysql> SELECT * FROM radreply; > +----+----------+---------------+----+-------+ > | id | username | attribute | op | value | > +----+----------+---------------+----+-------+ > | 1 | obaid | Reply-Message | := | Hello | > +----+----------+---------------+----+-------+ > 1 row in set (0.00 sec) > > mysql> SELECT * FROM radgroupreply; > +----+-----------+-----------------+----+-------------+ > | id | groupname | attribute | op | value | > +----+-----------+-----------------+----+-------------+ > | 1 | hotspot | Framed-Protocol | := | PPP | > | 2 | hotspot | Service-Type | := | Framed-User | > +----+-----------+-----------------+----+-------------+ > 2 rows in set (0.00 sec) > > @#...@#$@#...@#$@#...@#$@#...@#$@#...@#$@#...@#$@#...@#$@#$ > > now when running /usr/sbin/freeradius -X and send auth request with radtest > i get > radtest obaid 36365 localhost 1812 clientradsec36365 > > Sending Access-Request of id 96 to 127.0.0.1 port 1812 > User-Name = "obaid" > User-Password = "36365" > NAS-IP-Address = 192.168.1.100 > NAS-Port = 1812 > rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=96, > length=20 > > freeradius -X: > > Listening on authentication address * port 1812 > Listening on accounting address * port 1813 > Listening on proxy address * port 1814 > Ready to process requests. > rad_recv: Access-Request packet from host 127.0.0.1 port 40386, id=96, > length=57 > User-Name = "obaid" > User-Password = "36365" > NAS-IP-Address = 192.168.1.100 > NAS-Port = 1812 > +- entering group authorize {...} > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > [suffix] No '@' in User-Name = "obaid", looking up realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] No EAP-Message, not doing EAP > ++[eap] returns noop > ++[unix] returns notfound > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > [pap] WARNING! No "known good" password found for the user. Authentication > may fail because of this. > ++[pap] returns noop > No authenticate method (Auth-Type) configuration found for the request: > Rejecting the user > Failed to authenticate the user. > Login incorrect: [obaid/36365] (from client server port 1812) > Using Post-Auth-Type Reject > +- entering group REJECT {...} > expand: %{User-Name} -> obaid > attr_filter: Matched entry DEFAULT at line 11 > ++[attr_filter.access_reject] returns updated > Delaying reject of request 0 for 1 seconds > Going to the next request > Waking up in 0.9 seconds. > Sending delayed reject for request 0 > Sending Access-Reject of id 96 to 127.0.0.1 port 40386 > Waking up in 4.9 seconds. > Cleaning up request 0 ID 96 with timestamp +17 > Ready to process requests. > > -========================================================= > have you noticed that debug output doesnt talk about sql queries ???, and > nothing about sql queries in log files. > > i have used ntradping to send authentication request with CHAP ticked/not > ticked, and i get the same rad+recv:Access-Reject. > > but with all same config (except commenting sql and uncomment file in > radius.conf) and radtesting it works fine. > > it is probably radius cant query mysql, but i used mtop (mysql monitoring > tool) and it showes that radius queried mysql > > or it might be wrong dummy data... > ----- > > i will appreciate it very much if some one will guide me through this. > > thanks for reading. > > Obaid Ghaznawi > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
