Hi Can you explain why it can work for NT RAS with using db file?
Debug for NT RAS: rad_recv: Access-Request packet from host 192.168.59.244:1068, id=26, length=92 User-Name = "kkho" CHAP-Challenge = "\275\376V\366;43\354\360P;\276&a\302\001" CHAP-Password = 0x08091bdcb6d497ec98ea941725a9adcc12 NAS-Port = 0 Framed-Protocol = PPP NAS-Identifier = "AUD_AGENT" NAS-Port-Type = Async modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok rlm_chap: Adding Auth-Type = CHAP modcall[authorize]: module "chap" returns ok rlm_realm: Looking up realm NULL for User-Name = "kkho" rlm_realm: No such realm NULL modcall[authorize]: module "suffix" returns noop radius_xlat: 'kkho' sql_set_user: escaped user --> 'kkho' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Usernam e = 'kkho' ORDER BY id' rlm_sql: Reserving sql socket id: 4 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Att ribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'kkho' AND usergroup.GroupName = radgroupcheck.GroupName OR DER BY radgroupcheck.id' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Usernam e = 'kkho' ORDER BY id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Att ribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'kkho' AND usergroup.GroupName = radgroupreply.GroupName OR DER BY radgroupreply.id' radius_xlat: 'SELECT Value,Attribute FROM radcheck WHERE UserName = 'kkho' AND ( Attribute = 'User-Password' OR Attribute = 'Password' OR Attribute = 'Crypt-Pa ssword' ) ORDER BY Attribute DESC' rlm_sql: Released sql socket id: 4 modcall[authorize]: module "sql" returns ok users: Matched DEFAULT at 173 users: Matched DEFAULT at 179 modcall[authorize]: module "files" returns ok rlm_ippool: Searching for an entry for nas/port: /0 rlm_ippool: Found a stale entry for ip/port: 192.168.59.194/0 rlm_ippool: num: 0 rlm_ippool: num: 1 rlm_ippool: Allocated ip 192.168.59.194 to client on nas ,port 0 modcall[authorize]: module "RAS" returns ok modcall[authorize]: module "RAS1" returns noop modcall: group authorize returns ok rad_check_password: Found Auth-Type CHAPPAP auth: type "CHAPPAP" modcall: entering group authtype rlm_chap: login attempt by "kkho" with CHAP password ???ܶÔ?ì?ê??%©Ì? rlm_chap: Using clear text password kkho for user kkho authentication. rlm_chap: chap user kkho authenticated succesfully modcall[authenticate]: module "chap" returns ok modcall: group authtype returns ok Sending Access-Accept of id 26 to 192.168.59.244:1068 Framed-Compression = Van-Jacobson-TCP-IP Framed-Protocol = PPP Service-Type = Framed-User Framed-MTU = 1500 Framed-IP-Address = 192.168.59.194 Finished request 0 Going to the next request Debug for Cisco NAS: rad_recv: Access-Request packet from host 192.168.31.10:1645, id=122, length=95 NAS-IP-Address = 192.168.31.10 NAS-Port = 15 NAS-Port-Type = Async User-Name = "kkho" Called-Station-Id = "19096" Calling-Station-Id = "90200959" User-Password = "h\035\272:4Bcp\202\371\227\274\325\337U\022" Service-Type = Framed-User Framed-Protocol = PPP modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok rlm_chap: Could not find proper Chap-Password attribute in request modcall[authorize]: module "chap" returns noop rlm_realm: Looking up realm NULL for User-Name = "kkho" rlm_realm: No such realm NULL modcall[authorize]: module "suffix" returns noop radius_xlat: 'kkho' sql_set_user: escaped user --> 'kkho' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Usernam e = 'kkho' ORDER BY id' rlm_sql: Reserving sql socket id: 4 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Att ribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'kkho' AND usergroup.GroupName = radgroupcheck.GroupName OR DER BY radgroupcheck.id' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Usernam e = 'kkho' ORDER BY id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Att ribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'kkho' AND usergroup.GroupName = radgroupreply.GroupName OR DER BY radgroupreply.id' radius_xlat: 'SELECT Value,Attribute FROM radcheck WHERE UserName = 'kkho' AND ( Attribute = 'User-Password' OR Attribute = 'Password' OR Attribute = 'Crypt-Pa ssword' ) ORDER BY Attribute DESC' rlm_sql: Released sql socket id: 4 modcall[authorize]: module "sql" returns ok users: Matched DEFAULT at 176 users: Matched DEFAULT at 179 modcall[authorize]: module "files" returns ok modcall[authorize]: module "RAS" returns noop rlm_ippool: Searching for an entry for nas/port: 192.168.31.10/15 rlm_ippool: No available ip addresses in pool. modcall[authorize]: module "RAS1" returns noop modcall: group authorize returns ok rad_check_password: Found Auth-Type CHAPPAP auth: type "CHAPPAP" modcall: entering group authtype rlm_chap: Attribute "CHAP-Password" is required for authentication. Cannot use " User-Password". modcall[authenticate]: module "chap" returns invalid rlm_pap: login attempt by "kkho" with password kkho rlm_pap: Using password kkho for user kkho authentication. rlm_pap: Using clear text password. rlm_pap: User authenticated succesfully modcall[authenticate]: module "pap" returns ok modcall: group authtype returns ok Sending Access-Accept of id 122 to 192.168.31.10:1645 Framed-Compression = Van-Jacobson-TCP-IP Framed-Protocol = PPP Service-Type = Framed-User Framed-MTU = 1500 Finished request 5 Going to the next request and Users Profile: DEFAULT NAS-IP-Address == 192.168.59.244, Auth-Type := Accept, Pool-Name := "RAS" Fall-Through = 1 DEFAULT NAS-IP-Address == 192.168.31.10, Auth-Type := Accept, Pool-Name := "RAS1" Fall-Through = 1 DEFAULT Auth-Type := CHAPPAP radiusd.conf: ippool RAS { range-start = 192.168.59.193 range-stop = 192.168.59.195 netmask = 255.255.255.0 cache-size = 3 session-db = ${raddbdir}/db.ippool ip-index = ${raddbdir}/db.ipindex } ippool RAS1 { range-start = 192.168.31.193 range-stop = 192.168.31.195 netmask = 255.255.255.0 cache-size = 3 session-db = ${raddbdir}/db1.ippool ip-index = ${raddbdir}/db1.ipindex } Authorize { preprocess chap suffix sql files RAS RAS1 } authenticate { unix authtype CHAPPAP { chap pap } } accounting { unix sql RAS RAS1 radutmp } --- Kostas Kalevras <[EMAIL PROTECTED]> wrote: > On Fri, 20 Sep 2002, [iso-8859-1] ho k wrote: > > > rad_recv: Access-Request packet from host > > 192.168.31.10:1645, id=112, length=92 > > NAS-IP-Address = 192.168.31.10 > > NAS-Port = 30 > > NAS-Port-Type = Async > > User-Name = "b" > > Called-Station-Id = "190962" > > Calling-Station-Id = "85290200959" > > User-Password = > > > "t\365\000\261\324[\324\025_Z\r\324\306\035\217\356" > > attribute in request > > modcall[authorize]: module "chap" returns noop > > rlm_realm: Looking up realm NULL for User-Name > = > > "b" > > rlm_realm: No such realm NULL > > modcall[authorize]: module "suffix" returns noop > > rlm_ippool: Searching for an entry for nas/port: > > 192.168.31.10/30 > > rlm_ippool: No available ip addresses in pool. > > So, that's the problem. Delete the db files and it > should work ok. > > > modcall[authorize]: module "RAS1" returns noop > > modcall: group authorize returns ok > > rad_check_password: Found Auth-Type Local > > auth: type Local > > auth: user supplied User-Password matches local > > User-Password > > Sending Access-Accept of id 112 to > 192.168.31.10:1645 > > Service-Type = Framed-User > > Framed-Protocol = PPP > > Framed-Routing = Broadcast-Listen > > Framed-MTU = 1500 > > Framed-Compression = Van-Jacobson-TCP-IP > > Finished request 1 > > Going to the next request > > > > -- > Kostas Kalevras Network Operations Center > [EMAIL PROTECTED] National Technical University of > Athens, Greece > Work Phone: +30 10 7721861 > 'Go back to the shadow' Gandalf > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html _______________________________________________________________________ Do You Yahoo!? Get your free @yahoo.com.hk address at http://mail.english.yahoo.com.hk - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html