----- Original Message -----
From: "Christopher Carver" <[EMAIL PROTECTED]>
To: "FreeRadius users mailing list" <freeradius-users@lists.freeradius.org>
Sent: Tuesday, November 29, 2005 11:04 AM
Subject: Re: Configuring RADIUS Users
Madhuraka Godahewa wrote:
Hi All, I installed freeRADIUS 1.0.5 recently, and configured the server
as described in the documentation files. My operating system is SUSE Linux
9.2. When I run the 'radiusd -X' from the shell, the last four lines of
the output are as follows. < Listening on authentication
10.128.253.110:1812 Listening on accounting 10.128.253.110:1813 Listening
on proxy 10.128.253.110:1814 Ready to process requests.
10.128.253.110 is the IP Address given to the Radius Server. Then, I
created a test account named 'root' with the password 'root'. Then, I ran
the radtest (from the RADIUS Server itself) and got the following output.
< Sending Access-Request of id 195 to 10.128.253.110:1812 User-Name =
"root" User-Password = "root" NAS-IP-Address = rajith-office NAS-Port =
1812 rad_recv: Access-Accept packet from host 10.128.253.110:1812,
id=195, length=20
'rajith-office' is the name given to the RADIUS Server. In the debug
shell, I obtained the following output. < rad_recv: Access-Request packet
from host 10.128.253.110:1025, id=195, length=56 User-Name = "root"
User-Password = "root" NAS-IP-Address = 255.255.255.255 NAS-Port = 1812
Processing the authorize section of radiusd.conf modcall: entering group
authorize for request 0 modcall[authorize]: module "preprocess" returns ok
for request 0 modcall[authorize]: module "chap" returns noop for request 0
modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm:
No '@' in User-Name = "root", looking up realm NULL rlm_realm: No such
realm "NULL" modcall[authorize]: module "suffix" returns noop for request
0 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap"
returns noop for request 0 users: Matched root at 153 users: Matched
DEFAULT at 157 modcall[authorize]: module "files" returns ok for request 0
modcall: group authorize returns ok for request 0 rad_check_password:
Found Auth-Type Local auth: type Local auth: user supplied User-Password
matches local User-Password Sending Access-Accept of id 195 to
10.128.253.110:1025 Finished request 0 Going to the next request ---
Walking the entire request list ---
Waking up in 6 seconds... --- Walking the entire request list ---
Cleaning up request 0 ID 195 with timestamp 438c1bca Nothing to do.
Sleeping until we see a request.
Now my problem is, when I try to send an access-request (using the Radius
Test Utility) from another machine (running Windows XP), which is in the
same network, the server does not says that it receives an
access-request. Does anybody know, where the problem is? You should be
seeing something if the requests is even making it to the
radiusd process. Use tcpdump on the server to ensure you are receiving
the request. 'tcpdump port 1812' should do it. If you see nothing, you
have a firewall/network connectivity issue on the server or client.
Chris Carver
-
But root does not allow logins that way if his system is setup not to and
most Linux
variants do that automatically. You have to "su" to get root access after
you log in
with regular user. Maybe create a different user and try it.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
