I just tested the exact same setup but this time accessing this radius
server directly (instead of thru a proxy) and it works fine. So the
proxy is changing something. Thoughts?
Bill Schoolfield wrote:
Hello,
I'm getting "No matching entry in the database for request from user"
returned from the sql lookup. Below I have the radclient and server
diagnostics interlaced. All look correct and the querries are good (see
below for them). What is wrong?
Bill
/usr/local/bin/radclient -x -f radclient.dat2 "194.54.234.234:1814"
auth example
Sending Access-Request of id 33 to 194.54.234.234:1814
Acct-Session-Id = "6000006B"
User-Name = "[EMAIL PROTECTED]"
User-Password = "example"
NAS-IP-Address = 194.126.63.86
NAS-Port-Id = "32"
NAS-Port-Type = Async
Service-Type = Framed-User
Framed-Protocol = PPP
rad_recv: Access-Request packet from host 194.54.234.234:1814, id=29,
length=94
Acct-Session-Id = "6000006B"
User-Name = "GLF0000002"
User-Password = "example"
NAS-IP-Address = 194.126.63.86
NAS-Port-Id = "32"
NAS-Port-Type = Async
Service-Type = Framed-User
Framed-Protocol = PPP
Proxy-State = 0x30303164
rlm_sql (sql): Reserving sql socket id: 4
rlm_sql_mysql: query: SELECT id, UserName, Attribute, Value, op FROM
radcheck WHERE Username = 'GLF0000002' ORDER BY id
rlm_sql_mysql: query: SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'GLF0000002'
AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id
rlm_sql_mysql: query: SELECT id, UserName, Attribute, Value, op FROM
radreply WHERE Username = 'GLF0000002' ORDER BY id
rlm_sql_mysql: query: SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'GLF0000002'
AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id
rlm_sql (sql): No matching entry in the database for request from user
[GLF0000002]
rlm_sql (sql): Released sql socket id: 4
Re-sending Access-Request of id 33 to 194.54.234.234:1814
Acct-Session-Id = "6000006B"
User-Name = "[EMAIL PROTECTED]"
User-Password =
"\291\246\352\320\006\303p\316\230\n%\353\255\202J\341"
Group = "default"
NAS-IP-Address = 194.126.63.86
NAS-Port-Id = "32"
NAS-Port-Type = Async
Service-Type = Framed-User
Framed-Protocol = PPP
rad_recv: Access-Request packet from host 194.54.234.234:1814, id=29,
length=94
Sending Access-Reject of id 29 to 194.54.234.234:1814
Proxy-State = 0x30303164
rad_recv: Access-Reject packet from host 194.54.234.234:1814, id=33,
length=54
Reply-Message = "Proxied request"
Reply-Message = "Proxied request"
Here are the querries from above. They all work:
mysql> SELECT id, UserName, Attribute, Value, op FROM radcheck
WHERE Username = 'GLF0000002' ORDER BY id;
+-------+------------+-----------------+---------------+----+
| id | UserName | Attribute | Value | op |
+-------+------------+-----------------+---------------+----+
| 60647 | GLF0000002 | Crypt-Password | SMVdbmrqLzh2A | == |
| 60648 | GLF0000002 | Session-Timeout | 7200 | == |
+-------+------------+-----------------+---------------+----+
2 rows in set (0.00 sec)
mysql> SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'GLF0000002'
AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY
radgroupcheck.id;
+----+-----------+------------------+-------------+----+
| id | GroupName | Attribute | Value | op |
+----+-----------+------------------+-------------+----+
| 1 | default | Auth-Type | Pap | := |
| 2 | default | Service-Type | Framed-User | := |
| 3 | default | Framed-Protocol | PPP | := |
| 4 | default | Simultaneous-Use | 1 | := |
+----+-----------+------------------+-------------+----+
4 rows in set (0.00 sec)
mysql> SELECT id, UserName, Attribute, Value, op FROM radreply
WHERE Username = 'GLF0000002' ORDER BY id;
+----+------------+------------------+-------+----+
| id | UserName | Attribute | Value | op |
+----+------------+------------------+-------+----+
| 11 | GLF0000002 | Simultaneous-Use | 1 | := |
+----+------------+------------------+-------+----+
1 row in set (0.00 sec)
mysql> SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'GLF0000002'
AND usergroup.GroupName = radgroupreply.GroupName ORDER BY
radgroupreply.id;
+----+-----------+-------------------+-----------------+----+
| id | GroupName | Attribute | Value | op |
+----+-----------+-------------------+-----------------+----+
| 2 | default | Framed-Protocol | PPP | := |
| 3 | default | Service-Type | Framed-User | := |
| 4 | default | Framed-MTU | 1500 | := |
| 5 | default | Simultaneous-Use | 1 | := |
| 6 | default | Framed-IP-Netmask | 255.255.255.255 | := |
| 7 | default | Idle-Timeout | 900 | := |
+----+-----------+-------------------+-----------------+----+
6 rows in set (0.01 sec)
--
Bill Schoolfield
Vice President, BillMax
[EMAIL PROTECTED]
877.245.5629 (USA toll free)
817.446.7776 (International)
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html