Thanks Dusty, I'll get all this for you.
It all works fine on an older release is what is really making it
very hard.
Yes, we want it to do both. Chap & PAP
Dusty Doris wrote:
The only part the does not work is the chap authentication all other
authentication works as it should. Our wholesale provider says we are
doing PAP just fine but no chap. They had very old instructions for
Freeradius but decided to start out with a totally clean install.
This user below is in mysql database, and the system passwd/shadow files.
He will not authenticate with the mysql database when we include a realm
@domain
and chap password.
It gets the slipstream false from the database so I'm not sure why it
won't authenticate
the rest.
Thread 1 handling request 0, (1 handled so far)
User-Name = "[EMAIL PROTECTED]"
User-Password = "test123"
NAS-IP-Address = 255.255.255.255
NAS-Port = 100
I don't see a CHAP password in there.
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
hints: Matched other at 80
You matched on the hints file on line 80 - what does your hints file say?
modcall[authorize]: module "preprocess" returns ok for request 0
modcall[authorize]: module "attr_filter" returns noop for request 0
modcall[authorize]: module "chap" returns noop for request 0
rlm_realm: No '@' in User-Name = "rniclh", skipping NULL due to config.
modcall[authorize]: module "suffix" returns noop for request 0
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 0
users: Matched entry DEFAULT at line 159
users: Matched entry DEFAULT at line 178
users: Matched entry DEFAULT at line 190
You matched the users file in three seperate lines, 159, 178, and 190.
What does your users file say on each of those lines?
modcall[authorize]: module "files" returns ok for request 0
radius_xlat: 'rniclh'
rlm_sql (sql): sql_set_user escaped user --> 'rniclh'
...
modcall[authorize]: module "sql" returns ok for request 0
modcall: group authorize returns ok for request 0
Your sql call returned OK, that means the sql part worked.
rad_check_password: Found Auth-Type System
auth: type "System"
Now it just got changed to Auth-Type System. Is this from your users
file?
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 0
rlm_unix: [rniclh]: invalid password
You authenticated with the unix module, is that what you want? The user
failed because the password did not match your /etc/passwd file.
modcall[authenticate]: module "unix" returns reject for request 0
modcall: group authenticate returns reject for request 0
auth: Failed to validate the user.
I would look at your hints file and your users file to the lines it
matched at - post them here if you want us to take a look at it. Also, if
you don't want to use /etc/passwd, then disable the unix module in the
authentication section.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
