Hi,

I am trying to authenticate the test user (mikem/fred) using <AuthBy SQL>.

The radpwtest does perform as expected. The user is authenticated when
the correct password is informed, and rejected if I type anything
else.

I set up even a flat password file for this user, using the example in
the documentation:

mikem  User-Password = "fred", Service-Type = Framed-user
Framed-Protocol = PPP, Frame-IP-Netmask = 255.255.255.0
Framed-Routing = None, Framed-MTU = 1500


And the shared secret configured into Radiator is the same as the NAS.

Again, if I use radpwtst, it works fine. I am able to authenticate
using the flat file.

But when I use the NAS (3Com Total Control HiPer ARC), I can't the user
authenticated at all. Both methods fail. What I get is this:

Fri Jun 18 15:44:07 1999: DEBUG: Accounting accepted
Fri Jun 18 15:44:15 1999: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Fri Jun 18 15:44:15 1999: DEBUG: Handling with Radius::AuthFILE
Fri Jun 18 15:44:15 1999: DEBUG: Radius::AuthFILE looks for match with mikem
Fri Jun 18 15:44:15 1999: DEBUG: Radius::AuthFILE REJECT: Bad Password
Fri Jun 18 15:44:15 1999: DEBUG: Handling with Radius::AuthSQL
Fri Jun 18 15:44:15 1999: DEBUG: Handling with Radius::AuthSQL
Fri Jun 18 15:44:15 1999: DEBUG: Query is: select PASSWORD from SUBSCRIBERS
where USERNAME='mikem'

Fri Jun 18 15:44:15 1999: DEBUG: Radius::AuthSQL looks for match with mikem
Fri Jun 18 15:44:15 1999: DEBUG: Radius::AuthSQL REJECT: Bad Password
Fri Jun 18 15:44:15 1999: DEBUG: Query is: select PASSWORD from SUBSCRIBERS
where USERNAME='DEFAULT'

Fri Jun 18 15:44:15 1999: INFO: Access rejected for mikem: Bad Password

It does not matter what I try, I only get "Bad Password" on both
authentication methods when using the NAS.

I used another account, and the result is the same.

What am I doing wrong??? Or may this be an error in the configuration
of the NAS?

And I may have another problem. Even with no user using this NAS, it
seems to be sending messages to the Radiator, as I am getting this:
Fri Jun 18 15:43:41 1999: INFO: Server started
Fri Jun 18 15:43:43 1999: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Fri Jun 18 15:43:43 1999: DEBUG: Handling with Radius::AuthFILE
Fri Jun 18 15:43:43 1999: DEBUG: Deleting session for unauthenticated,
200.245.170.3, 1310
Fri Jun 18 15:43:43 1999: DEBUG: Accounting accepted
Fri Jun 18 15:44:07 1999: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Fri Jun 18 15:44:07 1999: DEBUG: Handling with Radius::AuthFILE
Fri Jun 18 15:44:07 1999: DEBUG: Deleting session for unauthenticated,
200.245.170.3, 1281

Any ideas? I appended some files to this message, and here is the
output from the Oracle SQL Plus:

Connected to:
Oracle8 Enterprise Edition Release 8.0.5.0.0 - Production
PL/SQL Release 8.0.5.0.0 - Production

SQL>> select * from SUBSCRIBERS;

USERNAME                                           PASSWORD
-------------------------------------------------- --------------------
COD                  PROD
 -------------------- --------------------
mikem                                              fred
cj012345678          20horas

upeters                                            teste
cj012345678          Reject



One more thing, the shared secret configured into Radiator is the same as
the NAS.

The secret was set to the same string used for the Radius server on an
other server, the one which is used now for user authentication. The
NAS did authenticate me there without trouble.
Then the configuration of the NAS was changed, pointing the IP address
to the machine running Radiator. Nothing else was changed.

--------------------------

<Log FILE>
    Filename %L/mylog.txt
    Trace 5
</Log>

# You will probably want to change this to suit your site.

<Client DEFAULT>
        Secret  xxxxxxxx
        DupInterval 0
</Client>
---

I still get the "Radius::AuthSQL REJECT: Bad Password" message.
At least I was able to set the trace level to dump the packages. (I
was setting Trace between the <LOG> markers, which is not working.)

And there seems to be another problem, as I am getting lots of strange
packages:

        Code:       Accounting-Request
        User-Name = "!root"

        Code:       Accounting-Request
        User-Name = "unauthenticated"

What is this? Are those packages normal? How to avoid them?

You will find the connection attempt (mikem/fred) in the log I
appended. I hope that you will be able to find my error...


Best regards,

Márcia Maroni


===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Reply via email to