Re: IKEv2+PEAP no joy

2010-04-12 Thread Stefan Winter
Hi,

   Run the server with '-Xx' to get a hex dump of the tunneled data.
 That will give a bit more information about what's going on.
   

that doesn't reveal much new info. For outer id set, it dumps the inner
EAP-Message, but for unset, only the error message. -Xxxx (-Xx looks the
same):

- with id privacy

Mon Apr 12 08:08:25 2010 : Info: +- entering group authenticate {...}
Mon Apr 12 08:08:25 2010 : Info: [eap] Request found, released from the list
Mon Apr 12 08:08:25 2010 : Info: [eap] EAP/peap
Mon Apr 12 08:08:25 2010 : Info: [eap] processing type peap
Mon Apr 12 08:08:25 2010 : Info: [peap] processing EAP-TLS
Mon Apr 12 08:08:25 2010 : Info: [peap] eaptls_verify returned 7
Mon Apr 12 08:08:25 2010 : Info: [peap] Done initial handshake
Mon Apr 12 08:08:25 2010 : Info: [peap] eaptls_process returned 7
Mon Apr 12 08:08:25 2010 : Info: [peap] EAPTLS_OK
Mon Apr 12 08:08:25 2010 : Info: [peap] Session established.  Decoding
tunneled attributes.
Mon Apr 12 08:08:25 2010 : Info: [peap] Identity -
claude.tomp...@education.lu
Mon Apr 12 08:08:25 2010 : Info: [peap] Got tunneled request
EAP-Message =
0x0205002001636c617564652e746f6d7065727340656475636174696f6e2e6c75
server VPN {
Mon Apr 12 08:08:25 2010 : Debug:   PEAP: Got tunneled identity of
claude.tomp...@education.lu
Mon Apr 12 08:08:25 2010 : Debug:   PEAP: Setting default EAP type for
tunneled EAP session.
Mon Apr 12 08:08:25 2010 : Debug:   PEAP: Setting User-Name to
claude.tomp...@education.lu
Sending tunneled request
EAP-Message =
0x0205002001636c617564652e746f6d7065727340656475636174696f6e2e6c75
FreeRADIUS-Proxied-To = 127.0.0.1
User-Name = claude.tomp...@education.lu
NAS-Port-Type = Virtual
NAS-Identifier = strongSwan
RESTENA-Service-Type = VPN

- without id privacy:

Mon Apr 12 08:07:38 2010 : Info: +- entering group authenticate {...}
Mon Apr 12 08:07:38 2010 : Info: [eap] Request found, released from the list
Mon Apr 12 08:07:38 2010 : Info: [eap] EAP/peap
Mon Apr 12 08:07:38 2010 : Info: [eap] processing type peap
Mon Apr 12 08:07:38 2010 : Info: [peap] processing EAP-TLS
Mon Apr 12 08:07:38 2010 : Info: [peap] eaptls_verify returned 7
Mon Apr 12 08:07:38 2010 : Info: [peap] Done initial handshake
Mon Apr 12 08:07:38 2010 : Info: [peap] eaptls_process returned 7
Mon Apr 12 08:07:38 2010 : Info: [peap] EAPTLS_OK
Mon Apr 12 08:07:38 2010 : Info: [peap] Session established.  Decoding
tunneled attributes.
Mon Apr 12 08:07:38 2010 : Info: [peap] Tunneled data is invalid.
Mon Apr 12 08:07:38 2010 : Info: [eap] Handler failed in EAP/peap
Mon Apr 12 08:07:38 2010 : Info: [eap] Failed in EAP select
Mon Apr 12 08:07:38 2010 : Info: ++[eap] returns invalid
Mon Apr 12 08:07:38 2010 : Info: Failed to authenticate the user.
Mon Apr 12 08:07:38 2010 : Auth: Login incorrect: [
\001\n\030\000\000\004\003\235A\2112\236\240\242\220/via A
uth-Type = EAP] (from client vpn6-test-v4 port 0)

Stefan

-- 
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la 
Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg

Tel: +352 424409 1
Fax: +352 422473




-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
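
Added example, not part of the original thread: a small decoder for the EAP-Message hex that the debug output above prints, splitting it into the EAP header (code, identifier, length) and the type-specific data, and rejecting dumps whose length field does not match. The sample packets and the identity `user@example.org` are constructed.

```python
import struct

EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
EAP_TYPES = {1: "Identity", 2: "Notification", 3: "Nak", 4: "MD5-Challenge",
             13: "EAP-TLS", 25: "PEAP", 26: "MS-CHAPv2"}

# Constructed sample packets (not taken from the thread).
SAMPLE_IDENTITY = "0x020500150175736572406578616d706c652e6f7267"
SAMPLE_NAK = "0x020600060304"              # Response/Nak asking for MD5-Challenge
SAMPLE_TRUNCATED = "0x0205001501757365"    # header claims 21 bytes, only 8 present


def parse_eap(hex_dump):
    """Decode one EAP packet given as a hex string (optional 0x prefix).

    Returns a dict describing the packet; raises ValueError if the bytes
    are not a well-formed EAP packet.
    """
    text = hex_dump.strip()
    if text.lower().startswith("0x"):
        text = text[2:]
    try:
        raw = bytes.fromhex(text)
    except ValueError as exc:
        raise ValueError(f"not a hex string: {exc}") from None
    if len(raw) < 4:
        raise ValueError("shorter than the 4-byte EAP header")

    code, ident, length = struct.unpack("!BBH", raw[:4])
    if code not in EAP_CODES:
        raise ValueError(f"unknown EAP code {code}")
    if length != len(raw):
        raise ValueError(f"header says {length} bytes, dump has {len(raw)}")

    packet = {"code": EAP_CODES[code], "id": ident, "length": length}
    if code in (1, 2):
        # Request and Response carry a Type byte followed by type data.
        if length < 5:
            raise ValueError("Request/Response without a Type byte")
        eap_type, data = raw[4], raw[5:]
        packet["type"] = EAP_TYPES.get(eap_type, f"type-{eap_type}")
        if eap_type == 1:
            packet["identity"] = data.decode("utf-8", errors="replace")
        elif eap_type == 3:
            # A Nak lists the EAP types the peer would accept instead.
            packet["wanted"] = [EAP_TYPES.get(t, f"type-{t}") for t in data]
        else:
            packet["data"] = data.hex()
    elif length != 4:
        # Success and Failure consist of the header only.
        raise ValueError("Success/Failure must be exactly 4 bytes")
    return packet


if __name__ == "__main__":
    for sample in (SAMPLE_IDENTITY, SAMPLE_NAK, SAMPLE_TRUNCATED):
        try:
            print(sample, "->", parse_eap(sample))
        except ValueError as err:
            print(sample, "-> malformed:", err)
```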

Re: Error: rlm_eap: No EAP session matching the State variable.

2010-04-12 Thread Alan DeKok
Rupesh Kumar wrote:
 I am using latest freeradius server (version 2.1.8).

  Which AP and supplicant (client PC) are you using?

 I have two authenticated sessions established with radius server and
 when disable and reenable the dot1x sessions, then I am seeing the
 following error and one request is getting Reject message from the server.
...
 Is it a known issue in radius server or what is the root cause of it.

  The supplicant and/or the Access Point is broken.

 I have attached radius server failure log messages

  The supplicant starts EAP, and the server responds with a request for
EAP-TLS.  The supplicant NAKs it, and asks for EAP-MD5.  The server
responds with EAP-MD5.

  The supplicant then responds with a NAK for EAP-MD5.  This packet from
the AP contains the *old* State variable from the previous NAK.

  A close look at the packet traces shows that either the supplicant is
re-using the old NAK (and confusing the AP), or the AP is re-using an
old packet (and confusing the supplicant).

  Either way, the packet traces on the server show that the server is
behaving correctly.  The error message about no matching state is
because the server has moved on to the *next* step of EAP, and it
receives a packet from the *previous* step.  So there really is no
matching state.

  Try using another supplicant and/or AP.  You won't be able to fix this
by editing the server configuration.

  Alan DeKok.


Proxied Accounting

2010-04-12 Thread mr typo
hello all,

I am currently trying to proxy accounting to another freeradius server. The
accounting request reaches the proxied server, but I get the following
message in debug:

+- entering group accounting {...}
[sql_default] expand: packet has no accounting status type. [user
'%{User-Name}', nas '%{NAS-IP-Address}'] - packet has no accounting status
type. [user 'b...@realm', nas '10.80.10.140']
[sql_default] packet has no accounting status type. [user 'b...@realm', nas
'10.80.10.140']
++[sql_default] returns invalid

my configuration on the server sending the accounting data looks like:

home_server radiusa.domain {
    type = auth+acct
    ipaddr = 10.10.9.51
    port = 1812
    secret = xxx
    response_window = 20
    zombie_period = 40
    revive_interval = 60
    status_check = status-server
    check_interval = 30
    num_answers_to_alive = 3
}

home_server_pool REALM-RadPool {
    type = fail-over
    home_server = radiusa.domain
    home_server = radiusb.domain
}

realm realm {
    type = auth+acct
    pool = REALM-RadPool
    nostrip
}

Am I missing something?

-euro

Re: Error: rlm_eap: No EAP session matching the State variable.

2010-04-12 Thread Rupesh Kumar
 I have attached radius server failure log messages

   The supplicant starts EAP, and the server responds with a request for
 EAP-TLS.  The supplicant NAKs it, and asks for EAP-MD5.  The server
 responds with EAP-MD5.

  The supplicant then responds with a NAK for EAP-MD5.  This packet from
 the AP contains the *old* State variable from the previous NAK.

  A close look at the packet traces shows that either the supplicant is
 re-using the old NAK (and confusing the AP), or the AP is re-using an
 old packet (and confusing the supplicant).

  Either way, the packet traces on the server show that the server is
 behaving correctly.  The error message about no matching state is
 because the server has moved on to the *next* step of EAP, and it
 receives a packet from the *previous* step.  So there really is no
 matching state.

  Try using another supplicant and/or AP.  You won't be able to fix this
 by editing the server configuration.

  Alan DeKok.


Thanks Alan,

I got the problem. The Access point was corrupting the state variable and
sending the same state for both sessions.

Thanks
Rupesh
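
Added example, not part of the original thread and not FreeRADIUS code: a replay of the two failure patterns discussed above, a request that carries the State of an earlier step and a State issued to one session turning up on another. It assumes a simplified model in which every Access-Challenge issues a fresh State valid for exactly one following Access-Request from the same station; the `Packet` record, the verdict labels and both traces are constructed.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    kind: str               # "request" (NAS -> server) or "challenge" (server -> NAS)
    station: str            # Calling-Station-Id of the supplicant (constructed)
    state: Optional[str]    # hex of the RADIUS State attribute, None if absent
    eap: str                # short label of the EAP payload, for the report only


def audit_states(trace):
    """Return (station, eap, verdict) for every Access-Request in the trace.

    Simplified model (an assumption, not FreeRADIUS internals): each
    Access-Challenge issues a new State that is good for one reply only.
    """
    outstanding = {}   # State -> station it was issued to, not yet answered
    retired = {}       # State -> station, already answered or superseded
    verdicts = []
    for pkt in trace:
        if pkt.kind == "challenge":
            # A new challenge supersedes any State still open for this station.
            for old in [s for s, st in outstanding.items() if st == pkt.station]:
                retired[old] = outstanding.pop(old)
            outstanding[pkt.state] = pkt.station
            continue
        if pkt.state is None:
            verdict = "new-session"
        elif pkt.state in outstanding:
            owner = outstanding[pkt.state]
            if owner == pkt.station:
                retired[pkt.state] = outstanding.pop(pkt.state)
                verdict = "ok"
            else:
                # State was issued to a different supplicant.
                verdict = f"cross-session:{owner}"
        elif pkt.state in retired:
            # The server has moved on; this State belongs to a previous step.
            verdict = "stale-state"
        else:
            verdict = "unknown-state"
        verdicts.append((pkt.station, pkt.eap, verdict))
    return verdicts


A = "00-00-5E-00-53-01"   # constructed station addresses
B = "00-00-5E-00-53-02"

# Constructed trace: the second Nak re-uses the State of the first one.
STALE_NAK_TRACE = [
    Packet("request", A, None, "Identity"),
    Packet("challenge", A, "a1", "EAP-TLS start"),
    Packet("request", A, "a1", "Nak, wants MD5"),
    Packet("challenge", A, "a2", "MD5-Challenge"),
    Packet("request", A, "a1", "Nak"),
]

# Constructed trace: the access point sends session A's State for session B.
SHARED_STATE_TRACE = [
    Packet("request", A, None, "Identity"),
    Packet("request", B, None, "Identity"),
    Packet("challenge", A, "a1", "EAP-TLS start"),
    Packet("challenge", B, "b1", "EAP-TLS start"),
    Packet("request", B, "a1", "Nak, wants MD5"),
    Packet("request", A, "a1", "Nak, wants MD5"),
]

if __name__ == "__main__":
    for name, trace in (("stale", STALE_NAK_TRACE), ("shared", SHARED_STATE_TRACE)):
        for station, eap, verdict in audit_states(trace):
            print(f"{name:7} {station} {eap:16} {verdict}")
```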

Re: Proxied Accounting

2010-04-12 Thread Alan Buxey
Hi,

 +- entering group accounting {...}
 [sql_default] expand: packet has no accounting status type. [user 
 '%{User-Name}', nas '%{NAS-IP-Address}'] - packet has no accounting status 
 type. [user 'b...@realm', nas '10.80.10.140']
 [sql_default] packet has no accounting status type. [user 'b...@realm', nas 
 '10.80.10.140']
 ++[sql_default] returns invalid

the packet didn't have an accounting status-type.

therefore sql_default couldn't do anything with it - as it needs
such a type to do its thing by default..   have a look at the packets
to see what/why things are not working. eg increase SQL verbosity (log to file)

alan


No authenticate method (Auth-Type) configuration found for the request: Rejecting the user

2010-04-12 Thread Ahmed Munir
Hi,

I'm a newbie in FreeRadius. I installed the latest version of it and followed the
steps as mentioned in the websites:
http://www.howtoforge.com/authentication-authorization-and-accounting-with-freeradius-and-mysql-backend-and-webbased-management-with-daloradius
and http://wiki.freeradius.org/SQL_HOWTO. After configuring basic setup I'm
facing i.e. No authenticate method (Auth-Type) configuration found for the
request: Rejecting the user when I issue radtest sqltest testpwd 127.0.0.1
1812 testing123.

The logs are listed down below;

FreeRADIUS Version 2.1.8, for host i686-pc-linux-gnu, built on Apr  9 2010
at 12:11:15
Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License v2.
Starting - reading configuration files ...
including configuration file /usr/local/etc/raddb/radiusd.conf
including configuration file /usr/local/etc/raddb/proxy.conf
including configuration file /usr/local/etc/raddb/clients.conf
including files in directory /usr/local/etc/raddb/modules/
including configuration file /usr/local/etc/raddb/modules/ldap
including configuration file /usr/local/etc/raddb/modules/inner-eap
including configuration file /usr/local/etc/raddb/modules/linelog
including configuration file /usr/local/etc/raddb/modules/detail
including configuration file /usr/local/etc/raddb/modules/exec
including configuration file /usr/local/etc/raddb/modules/pap
including configuration file /usr/local/etc/raddb/modules/otp
including configuration file /usr/local/etc/raddb/modules/smbpasswd
including configuration file /usr/local/etc/raddb/modules/mac2ip
including configuration file /usr/local/etc/raddb/modules/krb5
including configuration file /usr/local/etc/raddb/modules/detail.log
including configuration file /usr/local/etc/raddb/modules/perl
including configuration file /usr/local/etc/raddb/modules/attr_rewrite
including configuration file /usr/local/etc/raddb/modules/attr_filter
including configuration file /usr/local/etc/raddb/modules/policy
including configuration file /usr/local/etc/raddb/modules/smsotp
including configuration file /usr/local/etc/raddb/modules/counter
including configuration file /usr/local/etc/raddb/modules/etc_group
including configuration file /usr/local/etc/raddb/modules/ippool
including configuration file /usr/local/etc/raddb/modules/mac2vlan
including configuration file /usr/local/etc/raddb/modules/digest
including configuration file /usr/local/etc/raddb/modules/ntlm_auth
including configuration file /usr/local/etc/raddb/modules/passwd
including configuration file
/usr/local/etc/raddb/modules/sqlcounter_expire_on_login
including configuration file /usr/local/etc/raddb/modules/realm
including configuration file /usr/local/etc/raddb/modules/always
including configuration file /usr/local/etc/raddb/modules/expiration
including configuration file /usr/local/etc/raddb/modules/expr
including configuration file /usr/local/etc/raddb/modules/mschap
including configuration file /usr/local/etc/raddb/modules/preprocess
including configuration file /usr/local/etc/raddb/modules/acct_unique
including configuration file /usr/local/etc/raddb/modules/pam
including configuration file /usr/local/etc/raddb/modules/wimax
including configuration file /usr/local/etc/raddb/modules/sql_log
including configuration file /usr/local/etc/raddb/modules/files
including configuration file /usr/local/etc/raddb/modules/radutmp
including configuration file /usr/local/etc/raddb/modules/logintime
including configuration file /usr/local/etc/raddb/modules/unix
including configuration file /usr/local/etc/raddb/modules/checkval
including configuration file /usr/local/etc/raddb/modules/chap
including configuration file /usr/local/etc/raddb/modules/echo
including configuration file /usr/local/etc/raddb/modules/sradutmp
including configuration file /usr/local/etc/raddb/modules/cui
including configuration file /usr/local/etc/raddb/modules/detail.example.com
including configuration file /usr/local/etc/raddb/eap.conf
including configuration file /usr/local/etc/raddb/sql.conf
including configuration file /usr/local/etc/raddb/sql/mysql/dialup.conf
including configuration file /usr/local/etc/raddb/policy.conf
including files in directory /usr/local/etc/raddb/sites-enabled/
including configuration file /usr/local/etc/raddb/sites-enabled/inner-tunnel
including configuration file /usr/local/etc/raddb/sites-enabled/default.orig
including configuration file
/usr/local/etc/raddb/sites-enabled/control-socket
including configuration file /usr/local/etc/raddb/sites-enabled/default
main {
allow_core_dumps = no
}
including dictionary file /usr/local/etc/raddb/dictionary
main {
prefix = /usr/local
localstatedir = /usr/local/var
logdir = /usr/local/var/log/radius
libdir = /usr/local/lib
radacctdir = 

Re: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user

2010-04-12 Thread omega bk
hi,

the log said
[pap] WARNING! No known good password found for the user.  Authentication
may fail because of this.

could you show your users file?

ciao

omega BK

2010/4/12 Ahmed Munir ahmedmunir...@gmail.com

 Hi,

 I'm newbie in FreeRadius, I installed latest version of it and followed the
 steps as mentioned in the websites:
 http://www.howtoforge.com/authentication-authorization-and-accounting-with-freeradius-and-mysql-backend-and-webbased-management-with-daloradius
 and http://wiki.freeradius.org/SQL_HOWTO. After configuring basic setup I'm
 facing  i.e. No authenticate method (Auth-Type) configuration found for the
 request: Rejecting the user when I issue radtest sqltest testpwd 127.0.0.1
 1812 testing123.


[2.1.8] No actions performed on (own) received accounting packets.

2010-04-12 Thread Etienne Pretorius

Hello List,

I seem to have a small issue.

I have 2 running Freeradius 2.1.8 servers. I have set up proxying via 
the detail file readers - but for some strange reason, when the packet 
arrives at the remote server It says that it has received the 
Accounting-Request but then does no processing.


The strange thing is, is that I have accounting packet proxied to me 
from my up stream provider and they are being processed as expected.


Where should I look to see why the server is not processing the 
Accounting-Request.


Kind Regards,
Etienne


Re: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user

2010-04-12 Thread Alan Buxey
Hi,

 I'm newbie in FreeRadius, I installed latest version of it and followed the 
 steps as mentioned in the websites: 
 http://www.howtoforge.com/authentication-authorization-and-accounting-with-freeradius-and-mysql-backend-and-webbased-management-with-daloradius
  and http://wiki.freeradius.org/SQL_HOWTO. After configuring basic setup I'm 
 facing  i.e. No authenticate method (Auth-Type) configuration found for the 
 request: Rejecting the user when I issue radtest sqltest testpwd 127.0.0.1 
 1812 testing123.

the username 'sqltest' gives a slight hint.

is this user in 'users' file or in SQL? if the username is
in SQL, then you need to activate the SQL stuff (uncomment or
add SQL to the auth section) - it's not on by default because
then all sites would have to have SQL up and running for anything
to work (or else it'd crash and burn)

alan


Re: IKEv2+PEAP no joy

2010-04-12 Thread Alan DeKok
Stefan Winter wrote:
 that doesn't reveal much new info. For outer id set, it dumps the inner
 EAP-Message, but for unset, only the error message. -Xxxx (-Xx looks the
 same):

  Hmm... OK.  Maybe you need to build a development version.  I'll see
if I can fix this for 2.1.9, so it prints out the hex by default for bad
packets.

  Alan DeKok.


Re: [2.1.8] No actions performed on (own) received accounting packets.

2010-04-12 Thread Alan DeKok
Etienne Pretorius wrote:
 I have 2 running Freeradius 2.1.8 servers. I have set up proxying via
 the detail file readers - but for some strange reason, when the packet
 arrives at the remote server It says that it has received the
 Accounting-Request but then does no processing.

  So... what does it say when you run it in debugging mode?

 The strange thing is, is that I have accounting packet proxied to me
 from my up stream provider and they are being processed as expected.
 
 Where should I look to see why the server is not processing the
 Accounting-Request.

  Debug mode.  This is in the FAQ, README, INSTALL, man page, and
daily on this list.

  Alan DeKok.


Re: [2.1.8] No actions performed on (own) received accounting packets.

2010-04-12 Thread Etienne Pretorius

Etienne Pretorius wrote:

Hello List,

I seem to have a small issue.

I have 2 running Freeradius 2.1.8 servers. I have set up proxying via 
the detail file readers - but for some strange reason, when the packet 
arrives at the remote server It says that it has received the 
Accounting-Request but then does no processing.


The strange thing is, is that I have accounting packet proxied to me 
from my up stream provider and they are being processed as expected.


Where should I look to see why the server is not processing the 
Accounting-Request.


Kind Regards,
Etienne

Never mind, figured it out :D

It was not owned by any virtual server...


Somewhat OT: Empty SubjectAltName on server certificate (EAP-PEAP)

2010-04-12 Thread Sergio Belkin
Hi,

I have a certificate with xpextensions but its SubjectAltName is empty.

Is it mandatory, or is it only wrong when its content doesn't match the FQDN?

Thanks in advance!

-- 
--
Sergio Belkin http://www.sergiobelkin.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -


RE: Error: rlm_eap: No EAP session matching the State variable.

2010-04-12 Thread marco zamora

 
 hello..

I wanted to know if you can help me with the configuration of a RADIUS server
on CentOS 5; I am a beginner at this.
I have already installed CentOS and the radius and openssl packages that come
on the CentOS installation DVD, and configured the radius files eap.config,
radiusd.config, client.config and user, but the service fails when I start
the server.

The authentication method that I am using is EAP-PEAP with WPA2 AES
encryption.

I am sending the files that I configured.

 Sincerely:
 Marco Zamora



 


Date: Mon, 12 Apr 2010 10:07:26 +0530
Subject: Error: rlm_eap: No EAP session matching the State variable.
From: a.rupes...@gmail.com
To: freeradius-users@lists.freeradius.org

Hi,


I am using latest freeradius server (version 2.1.8).


I have two authenticated sessions established with radius server and when 
disable and reenable the dot1x sessions, then I am seeing the following error 
and one request is getting Reject message from the server.



Info: Found Auth-Type = EAP
Info: +- entering group authenticate {...}
Error: rlm_eap: No EAP session matching the State variable.
Info: [eap] Either EAP-request timed out OR EAP-response to an unknown 
EAP-request
Info: [eap] Failed in handler
Info: ++[eap] returns invalid


I have seen the archive and found there are some old issues related to this 
error.


Is it a known issue in radius server or what is the root cause of it.


I have attached radius server failure log messages


Thanks in advance !


Cheers
Rupesh
  

Re: Somewhat OT: Empty SubjectAltName on server certificate (EAP-PEAP)

2010-04-12 Thread John Dennis

On 04/12/2010 10:54 AM, Sergio Belkin wrote:

Hi,

I have a certificate with xpextensions but its SubjectAltName is empty.

Is it mandatory, or is it only wrong when its content doesn't match the FQDN?

Thanks in advance!



I believe you mean to say you have a certificate with x509 certificate 
extensions. Do you mean there is a SubjectAltName extension present in 
the certificate but its value is empty or do you mean there is no 
SubjectAltName in the certificate?


There are numerous x509 certificate extensions, SubjectAltName is just 
one of the possibilities, just because a cert has extensions does *not* 
mean it needs to have SubjectAltName.


SubjectAltName needs to be present when the CN component of the 
certificate subject does not match the FQDN of the server presenting the 
cert, otherwise it is not necessary. As an aside the SubjectAltName 
still needs to be validated by some means.


--
John Dennis jden...@redhat.com



How to handle dynamic update of shared secret and client configuration in free radius

2010-04-12 Thread Rajendra Hegde
Hello,
 
I am a client program running on machine A.

It wants to talk to free radius on machine B.
{ client on Machine A } ---   { free radius on machine B}

Now the client wants to dynamically update the shared secret and other client
information
by just talking to the free radius over simple network connection.

After that free radius should use the new information right away as well as
update the
static file(s) in /etc/raddb...

Any pointers for achieving this would be appreciated.
 
Thanks,
Rajendra Hegde
 
 


Re: No authenticate method (Auth-Type) configuration found

2010-04-12 Thread Ahmed Munir
Hi,

Thanks for the reply. Well, the user is created in SQL, and I uncommented 'sql' in
sites-enabled/default in the Authorized section and Accounting Section. But when
I add 'sql' in the Authenticate section I'm getting the same error, i.e.

[r...@newtest raddb]# radtest sqltest testpwd 127.0.0.1 1812 testing123
Sending Access-Request of id 38 to 127.0.0.1 port 1812
User-Name = sqltest
User-Password = testpwd
NAS-IP-Address = 127.0.0.1
NAS-Port = 1812
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=38,
length=20





The user I created in SQL listed down below;

id  username  attribute           op  value
1   sqltest   Cleartext-Password  :=  testpwd


Please advise what am I missing? Kindly assist me.

Date: Mon, 12 Apr 2010 13:25:45 +0100
 From: Alan Buxey a.l.m.bu...@lboro.ac.uk
 Subject: Re: No authenticate method (Auth-Type) configuration found
for the request: Rejecting the user
 To: FreeRadius users mailing list
freeradius-users@lists.freeradius.org
 Message-ID: 20100412122545.ga14...@lboro.ac.uk
 Content-Type: text/plain; charset=us-ascii

 Hi,

  I'm newbie in FreeRadius, I installed latest version of it and followed
 the steps as mentioned in the websites:
 http://www.howtoforge.com/authentication-authorization-and-accounting-with-freeradius-and-mysql-backend-and-webbased-management-with-daloradius
 and http://wiki.freeradius.org/SQL_HOWTO. After configuring basic setup I'm
 facing  i.e. No authenticate method (Auth-Type) configuration found for the
 request: Rejecting the user when I issue radtest sqltest testpwd 127.0.0.1
 1812 testing123.

 the username 'sqltest' gives a slight hint.

 is this user in 'users' file or in SQL? if the username is
 in SQL, then you need to activate the SQL stuff (uncomment or
 add SQL to the auth section) - it's not on by default because
 then all sites would have to have SQL up and running for anything
 to work (or else it'd crash and burn)

 alan




-- 
Regards,

Ahmed Munir