Ok, found the issue. The issue was the shared secret in the radius auth
script and the clients list of FreeRADIUS. Small variation in one of
the passwords (I thought it would of complained about this). What I
don't understand is how the packet still gets generated (from the CP)
and proxied even though the shared secret between the auth.pm and the
FreeRADIUS clients.conf was not the same. Does this mean there is no
client-server communication in the request?
-Antonio
On 04/07/2011 03:43 PM, Olivier Bilodeau wrote:
> Hi Antonio,
>
>> Ok, that makes sense. So from what you're telling me, the node status
>> needs to change for PF to actually initiate an SSH session to the
>> controller. If this is the case, the problem is why I can't register a
>> node using the CP via RADIUS even though the an Access-Accept comes back
>> from the RADIUS server. The CP gives me an invalid username&
>> password. How do I fix this?
>>
> PacketFence's own FreeRADIUS is not configured to be used as a CP auth
> end-point. So I hope that by 'the RADIUS server' you mean your own
> RADIUS to perform the CP user authentication correct?
>
> If so, then validate that the conf/authentication/radius.pm module is
> configured correctly, that your conf/pf.conf's auth=radius under
> [registration], that you have no errors in logs/error_log and
> logs/packetfence.log.
>
> If all the above failed, insert $logger->debug("..."); statements in the
> conf/authentication/radius.pm module and try to trace the problem. Don't
> forget to add a my $logger = Log::Log4perl::get_logger(__PACKAGE__);
> statement if there's none already.
>
------------------------------------------------------------------------------
Xperia(TM) PLAY
It's a major breakthrough. An authentic gaming
smartphone on the nation's most reliable network.
And it wants your games.
http://p.sf.net/sfu/verizon-sfdev
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
