proxy authentication

stambazzi andrea Tue, 08 Jul 2003 02:29:17 -0700

PLEASE ANYONE HELP ME

I'm trying to authenticate user from a proxy radius to my radius but
i have some problem.


this is my network configuration:

        NAS ---> PROXY ---> MY RADIUS

PROXY        : 192.168.1.25
MY RADIUS : 192.168.1.5

now ... to try the authentication procedure i use radclient on PROXY machine 
to authenticate on MY RADIUS like the sequent:

echo "User-Name = [EMAIL PROTECTED]" | radclient 192.168.1.5 auth wb5

( IMPORTANT: if i try to authenticate on local machine MY RADIUS with 
the seem user name without realm @pbc all gone ok ).


the sequent is the report of radiusd -X on the machine MY RADIUS:




rad_recv: Access-Request packet from host 192.168.1.25:49404, id=224, length=34
        User-Name = "[EMAIL PROTECTED]"
modcall: entering group authorize
  modcall[authorize]: module "preprocess" returns ok
    rlm_realm: Looking up realm pbc for User-Name = "[EMAIL PROTECTED]"
    rlm_realm: Found realm pbc
    rlm_realm: Adding Stripped-User-Name = "ES_PROVA"
  rlm_realm: Proxying request from user ES_PROVA to realm pbc
    rlm_realm: Adding Realm = "pbc"
rlm_realm:  Preparing to proxy authentication request to realm pbc
  modcall[authorize]: module "suffix" returns updated
  modcall[authorize]: module "files" returns notfound
radius_xlat:  'ES_PROVA'
rlm_sql (sql): sql_set_user escaped user --> 'ES_PROVA'
radius_xlat:  'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 
'ES_PROVA' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 4
radius_xlat:  'SELECT 
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
  FROM radgroupcheck,usergroup WHERE usergroup.Username = 'ES_PROVA' AND 
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat:  'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 
'ES_PROVA' ORDER BY id'
radius_xlat:  'SELECT 
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
  FROM radgroupreply,usergroup WHERE usergroup.Username = 'ES_PROVA' AND 
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql (sql): Released sql socket id: 4
  modcall[authorize]: module "sql" returns ok
modcall: group authorize returns updated
Sending Access-Request of id 1 to 192.168.1.25:1812
        User-Name = "ES_PROVA"
        NAS-IP-Address = 192.168.1.25
        Proxy-State = "224"
SMUX connect try 2
Can't connect to SNMP agent with SMUX: Connection refused
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.1.25:49404, id=224, length=34
Dropping conflicting packet from client webfive:49404 - ID: 224 due to unfinished 
request 0
SMUX connect try 3
Can't connect to SNMP agent with SMUX: Connection refused
--- Walking the entire request list ---
Waking up in 3 seconds...
--- Walking the entire request list ---
Re-sending Access-Request of id 1 to 192.168.1.25:1812
        User-Name = "ES_PROVA"
        NAS-IP-Address = 192.168.1.25
        Client-IP-Address = 192.168.1.25
        Realm = "pbc"
        Realm = "pbc"
        Proxy-State = "224"
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 192.168.1.25:49404, id=224, length=34
Dropping conflicting packet from client webfive:49404 - ID: 224 due to unfinished 
request 0
rl_next:  returning NULL
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 192.168.1.25:49404, id=224, length=34
Dropping conflicting packet from client webfive:49404 - ID: 224 due to unfinished 
request 0
--- Walking the entire request list ---
Waking up in 2 seconds...
--- Walking the entire request list ---
Re-sending Access-Request of id 1 to 192.168.1.25:1812
        User-Name = "ES_PROVA"
        NAS-IP-Address = 192.168.1.25
        Client-IP-Address = 192.168.1.25
        Realm = "pbc"
        Realm = "pbc"
        Proxy-State = "224"
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 192.168.1.25:49404, id=224, length=34
Dropping conflicting packet from client webfive:49404 - ID: 224 due to unfinished 
request 0
--- Walking the entire request list ---
Waking up in 4 seconds...
rad_recv: Access-Request packet from host 192.168.1.25:49404, id=224, length=34
Dropping conflicting packet from client webfive:49404 - ID: 224 due to unfinished 
request 0
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Server rejecting request 0.
marking authentication server 192.168.1.25:1812 for realm pbc dead
Waking up in 0 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 224 to 192.168.1.25:49404
Cleaning up request 0 ID 224 with timestamp 3f0a7e77
Nothing to do.  Sleeping until we see a request.



Now .. anyone know why radiusd try to connect  with SNMP with SMUX ????
Because i don't know .... i'm really confuse about this PLEASE ANYONE 
HELP ME


by Stamba




- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

proxy authentication

Reply via email to