Same thing unfortunately… Users file DEFAULT User-Name =~ ".*\\.xnet\\.co\\.nz$" Auth-Type := Accept, Pool-Name := un-auth, Service-Type = Framed-User, Framed-Protocol = PPP, Cisco-Avpair += "ip:vrf-id=Suspended", Cisco-Avpair += "ip:ip-unnumbered=Loopback 1000",
root@radius01-new:~# radtest [email protected] password localhost:1812 1812 testing123 Sending Access-Request of id 77 to 127.0.0.1 port 1812 User-Name = "[email protected]" User-Password = "password" NAS-IP-Address = 120.136.0.21 NAS-Port = 1812 rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=77, length=20 Debug Ready to process requests. rad_recv: Access-Request packet from host 127.0.0.1 port 48547, id=77, length=73 User-Name = "[email protected]" User-Password = "password" NAS-IP-Address = 120.136.0.21 NAS-Port = 1812 +- entering group authorize {...} ++[preprocess] returns ok [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop ++[chap] returns noop ++[mschap] returns noop [suffix] Looking up realm "adsl.xnet.co.nz" for User-Name = "[email protected]" [suffix] Found realm "DEFAULT" [suffix] Adding Realm = "DEFAULT" [suffix] Authentication realm is LOCAL. ++[suffix] returns ok [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[unix] returns notfound expand: %{User-Name} -> [email protected] [files] users: Matched entry DEFAULT at line 236 ++[files] returns ok expand: %{User-Name} -> [email protected] [sql] sql_set_user escaped user --> '[email protected]' rlm_sql (sql): Reserving sql socket id: 3 expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = '[email protected]' ORDER BY id expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = '[email protected]' ORDER BY priority rlm_sql (sql): Released sql socket id: 3 [sql] User [email protected] not found ++[sql] returns notfound ++[expiration] returns noop ++[logintime] returns noop No authenticate method (Auth-Type) configuration found for the request: Rejecting the user Failed to authenticate the user. Login incorrect: [[email protected]/password] (from client localhost port 1812) Using Post-Auth-Type Reject +- entering group REJECT {...} expand: %{User-Name} -> [email protected] attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 1 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 1 Sending Access-Reject of id 77 to 127.0.0.1 port 48547 Waking up in 4.9 seconds. Cleaning up request 1 ID 77 with timestamp +34 Ready to process requests. Thanks Barry From: Arran Cudbard-Bell <[email protected]<mailto:[email protected]>> Reply-To: FreeRadius users mailing list <[email protected]<mailto:[email protected]>> Date: Fri, 26 Aug 2011 11:26:52 +0200 To: FreeRadius users mailing list <[email protected]<mailto:[email protected]>> Subject: Re: authenticate realm no matter what username is On 26 Aug 2011, at 11:16, Barry Murphy wrote: Hey guys, We're an ISP providing ADSL services ourselves and on behalf of our wholesalers. I have a bunch of realms that are LOCAL and proxied which work with no issues. I'm trying to add realms of competitors to our radius so when customers are migrated from our competitors to our network they get authenticated and I drop them into a VRF displaying to them they need to change their login details. I've already got the VRF working, the forwarder page etc, I just can't seem to get users to authenticate with a wildcard *@dsl.competitor.co.nz<mailto:*@dsl.competitor.co.nz> I have tried the following varies in users file… DEFAULT User-Name =~ "~*\\.xnet\\.co\\.nz$" Surely you want User-Name =~ ".*\\.xnet\\.co\\.nz$" ? Arran Cudbard-Bell [email protected]<mailto:[email protected]> RADIUS - Half the complexity of Diameter - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
