Hi, I have configured FR to connect to a backend MySQL DB which authenticates the NAS fine....
I removed the /etc/raddb/clients.conf file from the relevant places within the FR configuration. The setup I am trying to get working will use the DaloRADIUS web-ui frontend to setup users for MAB. Currently I have DaloRADIUS installed and setup to what I believe is properly as I can connect to the MySQL DB and create users in DR which appear in the MySQL DB. Additionally I have configured the NAS within DR which also works fine as radiusd -X doesn't suggest any type of NAS authentication error. My issue is that I am getting a "user not found" error with regards to the SQL DB backend. I have followed ever step of this guide: http://wiki.freeradius.org/SQL-HOWTO and configured appropriately to the instructions. This is the output of the MySQL radcheck table: mysql> select * from radcheck; +----+--------------+-------------------------+----+----------+ | id | username | attribute | op | value | +----+--------------+-------------------------+----+----------+ | 1 | 0015c5537baa | Auth-Type | := | Accept | | 2 | 0015c5537baa | Tunnel-Type | = | VLAN | | 3 | 0015c5537baa | Tunnel-Medium-Type | = | IEEE-802 | | 4 | 0015c5537baa | Tunnel-Private-Group-Id | = | 20 | | 5 | 0015c5537baa | Tunnel-Preference | = | 0x000000 | +----+--------------+-------------------------+----+----------+ 5 rows in set (0.00 sec) The only difference between this and the wiki guide I can see is that examples on the wiki use capital lettering for the table headers.... (this might be my issue)?? Wiki example output: mysql> select * from radcheck; +----+----------------+--------------------+------------------+------+ | id | UserName | Attribute | Value | Op | +----+----------------+--------------------+------------------+------+ Using radiusd -X I am getting this response: Ready to process requests. rad_recv: Access-Request packet from host 10.0.0.1 port 1645, id=120, length=159 User-Name = "0015c5537baa" User-Password = "0015c5537baa" Service-Type = Call-Check Framed-MTU = 1500 Called-Station-Id = "00-1B-8F-60-AB-8D" Calling-Station-Id = "00-15-C5-53-7B-AA" Message-Authenticator = 0x367e5a0d693f65b22391b00913162cc7 NAS-Port-Type = Ethernet NAS-Port = 50013 NAS-Port-Id = "GigabitEthernet0/13" NAS-IP-Address = 10.0.0.1 # Executing section authorize from file /etc/raddb/sites-enabled/default +- entering group authorize {...} [sql] expand: %{User-Name} -> 0015c5537baa [sql] sql_set_user escaped user --> '0015c5537baa' rlm_sql (sql): Reserving sql socket id: 3 [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = '0015c5537baa' ORDER BY id [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = '0015c5537baa' ORDER BY priority rlm_sql (sql): Released sql socket id: 3 [sql] User 0015c5537baa not found ++[sql] returns notfound ++[expiration] returns noop ++[logintime] returns noop [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. ++[pap] returns noop ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Failed to authenticate the user. I have attached the full file as an extra: >From the information above, the User-Name attribute is being passed to FR and being checked on the MySQL backend, however "Not Found" meaning that from the MySQL radcheck output - that either it isn't connecting to the DB in regards to the User-Name portion or that somehow there is malformed information in there. As per the attached file the FreeRADIUS version is 2.1.10 running on CentOS 6.2 x64 build. The rlm_sql driver seems to be connecting to the DB (as stated the NAS is recognized after it has been provisioned within DaloRADIUS): rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked rlm_sql (sql): Attempting to connect to root@localhost:3306/radius rlm_sql (sql): starting 0 rlm_sql (sql): Attempting to connect rlm_sql_mysql #0 rlm_sql_mysql: Starting connect to MySQL server for #0 rlm_sql (sql): Connected new DB handle, #0 rlm_sql (sql): starting 1 rlm_sql (sql): Attempting to connect rlm_sql_mysql #1 rlm_sql_mysql: Starting connect to MySQL server for #1 rlm_sql (sql): Connected new DB handle, #1 rlm_sql (sql): starting 2 rlm_sql (sql): Attempting to connect rlm_sql_mysql #2 rlm_sql_mysql: Starting connect to MySQL server for #2 rlm_sql (sql): Connected new DB handle, #2 rlm_sql (sql): starting 3 rlm_sql (sql): Attempting to connect rlm_sql_mysql #3 rlm_sql_mysql: Starting connect to MySQL server for #3 rlm_sql (sql): Connected new DB handle, #3 rlm_sql (sql): starting 4 rlm_sql (sql): Attempting to connect rlm_sql_mysql #4 rlm_sql_mysql: Starting connect to MySQL server for #4 rlm_sql (sql): Connected new DB handle, #4 rlm_sql (sql): Processing generate_sql_clients rlm_sql (sql) in generate_sql_clients: query is SELECT id, nasname, shortname, type, secret, server FROM nas rlm_sql (sql): Reserving sql socket id: 4 rlm_sql (sql): Read entry nasname=10.0.0.1,shortname=Switch,secret=pass rlm_sql (sql): Adding client 10.0.0.1 (Switch, server=<none>) to clients list rlm_sql (sql): Released sql socket id: 4 Would anybody be able to help me understand where the issue lies and perhaps how to correct it? Many thanks! Regards, Kaya
radx_dump
Description: Binary data
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
