This is the error we are getting when a PAP user tries to log in. They are
in the passwd/shadow files.
Thread 1 handling request 0, (1 handled so far)
User-Name = "username"
User-Password = "*****"
NAS-IP-Address = 65.169.xxx.x(Omitted)
NAS-Port = 31
Service-Type = Framed-User
Framed-Protocol = PPP
USR-Connect-Speed = 16800-BPS
USR-Modulation-Type = v32Terbo
USR-Simplified-MNP-Levels = mnpLevel4
USR-Simplified-V42bis-Usage = none
USR-Chassis-Call-Slot = 0
USR-Chassis-Call-Span = 1
USR-Chassis-Call-Channel = 2
NAS-Identifier = "ras1"
Acct-Session-Id = "07020118"
NAS-Port-Type = Async
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
modcall[authorize]: module "chap" returns noop for request 0
modcall[authorize]: module "eap" returns noop for request 0
rlm_realm: No '@' in User-Name = "bertram", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 0
radius_xlat: ''
modcall[authorize]: module "sql" returns fail for request 0
modcall: group authorize returns fail for request 0
There was no response configured: rejecting request 0
Server rejecting request 0.
Finished request 0
Going to the next request
Thread 1 waiting to be assigned a request
rad_recv: Access-Request packet from host 65.169.xxx.x:1645, id=110,
length=191
Sending Access-Reject of id 110 to 65.169.xxx.x:1645
----- Original Message -----
From: "Milver S. Nisay" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, April 20, 2004 12:34 PM
Subject: Re: PAP/CHAP
> > I was told that FreeRadius can answer PAP/CHAP at the same
> > time that it didn't care.
>
> Yes, freeradius does not care what authentication request are coming in,
> whether PAP/CHAP or system authenticated
> accounts. If freeradius was configured properly, it will reply as it was
> tasked to do.
>
> > The problem I'm having is if a user loges in with no realm (PAP) and
> > there user name is in the system files, it doesn't work. If I use a
> > different user and log in to our wholesale(CHAP) side the user name in
the
> mysql
> > database does fine.
>
> no realm or with realm, freeradius does not care, it will do what we
design
> its radiusd.conf to be.
> there's a work around, PAP accounts can be configured to be authenticated
> based from account names, password and
> expiration attributes and others inside MySQL database too, without
ofcourse
> using /etc/passwd and /etc/shadow files.
>
> > How do I tell FreeRadius to look in the system file first and then the
> > Local (mySQL) second if not found in the System files?
>
> it does and that is why you don't need to..
>
> > I did not really want to run two radius on the same machine on different
> > ports if at all possible.
>
> if you like it that way, it can be worked out without considering pros and
> cons.
> >
> > Other than this little snag, I have all my tools to work everything from
> the
> > command prompt. Add, Disable, Enable, Remove, etc..
>
> hope this helps.
>
> //milver
>
>
>
> -
> List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
