Hello,
I do not know how I missed that, thanks :)
But now I am getting different problem. In sql table I entered Cryped password.
(acctsessionid, acctuniqueid, username, realm, nasipaddress,
naspor tid,
nasporttype, acctstarttime, acctstoptime, acctses
siontime, acctauthentic,
connectinfo_start, connectinfo_stop, accti
nputoctets, acctoutputoctets,
calledstationid, callingstationid, ac
ctterminatecause, servicetype,
framedprotocol, framedipaddress,
acctstartdelay, acctstopdelay) VALUES
('%{Acct-S
ession-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}',
'%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port
-Type}',
DATE_SUB('%S', INTERVAL (%{%{Acct-Session
-Time}:-0} +
%{%{Acct-Delay-Time}:-0}) SECOND), '%
S', '%{Acct-Session-Time}',
'%{Acct-Authentic}', '', '%{Connect-Inf
o}',
'%{%{Acct-Input-Gigawords}:-0}' << 32 | '%{%{Acct
-Input-Octets}:-0}',
'%{%{Acct-Output-Gigawords}:-0}' << 32 |
'%{%{Acct-Output-Octets}:-0}',
'%{Called-Station-Id}', '%{C
alling-Station-Id}', '%{Acct-Terminate-Cause}',
'%{Ser
vice-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '0',
'%{
%{Acct-Delay-Time}:-0}')" group_membership_query = "SELECT groupname
FROM radusergroup
WHERE username = '%{SQL-User-Name}' ORDER BY
priority" connect_failure_retry_delay = 60 simul_count_query = ""
simul_verify_query = "SELECT radacctid, acctsessionid, username,
nasipaddress, nasportid, framedipaddress,
callingstationid,
framedprotocol
FROM radacct WHERE
username = '%{SQL-User-Name}'
AND acctstoptime IS NULL"
postauth_query = "INSERT INTO radpostauth (use
rname, pass, reply,
authdate) VALUES (
'%{User-Name}',
'%{%{User-Password}:-%{Chap
-Password}}',
'%{reply:Packet-Type}', '%S')" safe-characters =
"@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ
0123456789.-_: /" }rlm_sql (sql): Driver
rlm_sql_mysql (module rlm_sql_mysql) loaded and linkedrlm_sql (sql): Attempting
to connect to r...@localhost:/radiusrlm_sql (sql): starting 0rlm_sql (sql):
Attempting to connect rlm_sql_mysql #0rlm_sql_mysql: Starting connect to MySQL
server for #0rlm_sql (sql): Connected new DB handle, #0rlm_sql (sql): starting
1rlm_sql (sql): Attempting to connect rlm_sql_mysql #1rlm_sql_mysql: Starting
connect to MySQL server for #1rlm_sql (sql): Connected new DB handle, #1rlm_sql
(sql): starting 2rlm_sql (sql): Attempting to connect rlm_sql_mysql
#2rlm_sql_mysql: Starting connect to MySQL server for #2rlm_sql (sql):
Connected new DB handle, #2rlm_sql (sql): starting 3rlm_sql (sql): Attempting
to connect rlm_sql_mysql #3rlm_sql_mysql: Starting connect to MySQL server for
#3rlm_sql (sql): Connected new DB handle, #3rlm_sql (sql): starting 4rlm_sql
(sql): Attempting to connect rlm_sql_mysql #4rlm_sql_mysql: Starting connect to
MySQL server for #4rlm_sql (sql): Connected new DB handle, #4 Module: Checking
preacct {...} for more modules to load Module: Linked to module rlm_acct_unique
Module: Instantiating module "acct_unique" from file /etc/raddb/modules/acct_un
ique acct_unique
{ key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address,
NA S-Port" }
Module: Checking accounting {...} for more modules to load Module: Linked to
module rlm_detail Module: Instantiating module "detail" from file
/etc/raddb/modules/detail detail { detailfile =
"/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d
" header = "%t"
detailperm = 384 dirperm = 493 locking = no
log_packet_header = no } Module: Instantiating module
"attr_filter.accounting_response" from file /etc/r
addb/modules/attr_filter attr_filter
attr_filter.accounting_response { attrsfile =
"/etc/raddb/attrs.accounting_response" key = "%{User-Name}" } Module:
Checking session {...} for more modules to load Module: Checking post-proxy
{...} for more modules to load Module: Checking post-auth {...} for more
modules to load } # modules} # serverradiusd: #### Opening IP addresses and
Ports ####listen { type = "auth" ipaddr = * port =
0}listen { type = "acct" ipaddr = * port = 0}listen {
type = "control" listen { socket = "/var/run/radiusd/radiusd.sock"
}}listen { type = "auth" ipaddr = 127.0.0.1 port =
18120}Listening on authentication address * port 1812Listening on accounting
address * port 1813Listening on command file
/var/run/radiusd/radiusd.sockListening on authentication address 127.0.0.1 port
18120 as server inner-tunnelListening on proxy address * port 1814Ready to
process requests.rad_recv: Access-Request packet from host xxx.xxx.xxx.xxx port
38635, id=26, lengt
h=206 Acct-Multi-Session-Id = "1291360938971" Cisco-Attr-130 =
0x683332332d63616c6c696e672d656e74657270726973652d69643
d656e74504258 Calling-Station-Id =
"81609000" NAS-Identifier = "intraswitch" NAS-IP-Address =
xxx.xxx.xxx.xxx 3GPP2-Prepaid-acct-Capability = 0x010600000002
3GPP2-Session-Termination-Capability = 1 h323-conf-id =
"h323-conf-id=1291360938971" Vendor-Specific = 0x00000009
Event-Timestamp = "Dec 3 2010 08:22:18 CET" User-Name = "081609000"
User-Password = "1234"# Executing section authorize from file
/etc/raddb/sites-enabled/default+- entering group authorize {...}++[preprocess]
returns ok++[chap] returns noop++[mschap] returns noop++[digest] returns
noop[sql] expand: %{User-Name} -> 081609000[sql] sql_set_user escaped user
--> '081609000'rlm_sql (sql): Reserving sql socket id: 4[sql] expand: SELECT
id, username, attribute, value, op FROM radchec
k WHERE username =
'%{SQL-User-Name}' ORDER BY id -> SELECT
id, username, attribute, value, op
FROM radcheck WHERE usern
ame = '081609000' ORDER BY id[sql] User found in
radcheck table[sql] expand: SELECT id, username, attribute, value, op
FROM radrepl y
WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT
id, username,
attribute, value, op FROM radreply WHERE usern
ame = '081609000'
ORDER BY id[sql] expand: SELECT groupname FROM radusergroup
WHERE use rname
= '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname
FROM radusergroup
WHERE username = '081609000' ORDER BY
priority[sql] expand: SELECT id,
groupname, attribute, Value, op F
ROM radgroupcheck WHERE groupname
= '%{Sql-Group}' ORDER BY
id -> SELECT id, groupname, attribute, Value, op
FROM radgro
upcheck WHERE groupname = 'static' ORDER BY id[sql] User
found in group static[sql] expand: SELECT id, groupname, attribute,
value, op F
ROM radgroupreply WHERE groupname = '%{Sql-Group}'
ORDER BY id ->
SELECT id, groupname, attribute, value, op FROM radgro
upreply
WHERE groupname = 'static' ORDER BY idrlm_sql (sql): Released sql
socket id: 4++[sql] returns ok[suffix] No '@' in User-Name = "081609000",
looking up realm NULL[suffix] No such realm "NULL"++[suffix] returns noop[eap]
No EAP-Message, not doing EAP++[eap] returns noop++[unix] returns notfound[sql]
expand: %{User-Name} -> 081609000[sql] sql_set_user escaped user -->
'081609000'rlm_sql (sql): Reserving sql socket id: 3[sql] expand: SELECT id,
username, attribute, value, op FROM radchec
k WHERE username =
'%{SQL-User-Name}' ORDER BY id -> SELECT
id, username, attribute, value, op
FROM radcheck WHERE usern
ame = '081609000' ORDER BY id[sql] User found in
radcheck table[sql] expand: SELECT id, username, attribute, value, op
FROM radrepl y
WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT
id, username,
attribute, value, op FROM radreply WHERE usern
ame = '081609000'
ORDER BY id[sql] expand: SELECT groupname FROM radusergroup
WHERE use rname
= '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname
FROM radusergroup
WHERE username = '081609000' ORDER BY
priority[sql] expand: SELECT id,
groupname, attribute, Value, op F
ROM radgroupcheck WHERE groupname
= '%{Sql-Group}' ORDER BY
id -> SELECT id, groupname, attribute, Value, op
FROM radgro
upcheck WHERE groupname = 'static' ORDER BY id[sql] User
found in group static[sql] expand: SELECT id, groupname, attribute,
value, op F
ROM radgroupreply WHERE groupname = '%{Sql-Group}'
ORDER BY id ->
SELECT id, groupname, attribute, value, op FROM radgro
upreply
WHERE groupname = 'static' ORDER BY idrlm_sql (sql): Released sql
socket id: 3++[sql] returns ok++[expiration] returns noop++[logintime] returns
noop++[pap] returns updatedFound Auth-Type = PAP# Executing group from file
/etc/raddb/sites-enabled/default+- entering group PAP {...}[pap] login attempt
with password "1234"[pap] Using CRYPT password "1234"[pap] Passwords don't
match++[pap] returns rejectFailed to authenticate the user.Using Post-Auth-Type
Reject# Executing group from file /etc/raddb/sites-enabled/default+- entering
group REJECT {...}[attr_filter.access_reject] expand: %{User-Name} ->
081609000 attr_filter: Matched entry DEFAULT at line
11++[attr_filter.access_reject] returns updatedDelaying reject of request 0 for
1 secondsGoing to the next requestWaking up in 0.9 seconds.Sending delayed
reject for request 0Sending Access-Reject of id 26 to xxx.xxx.xxx.xxx port
38635Waking up in 4.9 seconds.rad_recv: Access-Request packet from host
xxx.xxx.xxx.xxx port 38635, id=26, lengt
h=206Sending duplicate reply to client intraswitch port
38635 - ID: 26Sending Access-Reject of id 26 to xxx.xxx.xxx.xxx port
38635Waking up in 4.9 seconds.Cleaning up request 0 ID 26 with timestamp
+8Ready to process requests.
Why passwords do not match if they are the same. (1234)?
Thanks for your help!!
miha
> Date: Thu, 2 Dec 2010 16:31:33 +0000
> From: [email protected]
> To: [email protected]
> Subject: Re: Clear text password (radius)
>
> Hi,
>
> > WARNING: Unprintable characters in the password. Double-check
> > the
> > shared secret on the server and the NAS!
>
> thats your answer. the server doesnt lie
>
>
> alan
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
