I just tested the exact same setup but this time accessing this radius server directly (instead of thru a proxy) and it works fine. So the proxy is changing something. Thoughts?

Bill Schoolfield wrote:
Hello,

I'm getting "No matching entry in the database for request from user" returned from the sql lookup. Below I have the radclient and server diagnostics interlaced. All look correct and the querries are good (see below for them). What is wrong?

Bill



/usr/local/bin/radclient -x -f radclient.dat2 "194.54.234.234:1814"
auth example

Sending Access-Request of id 33 to 194.54.234.234:1814
        Acct-Session-Id = "6000006B"
        User-Name = "[EMAIL PROTECTED]"
        User-Password = "example"
        NAS-IP-Address = 194.126.63.86
        NAS-Port-Id = "32"
        NAS-Port-Type = Async
        Service-Type = Framed-User
        Framed-Protocol = PPP
rad_recv: Access-Request packet from host 194.54.234.234:1814, id=29, length=94
        Acct-Session-Id = "6000006B"
        User-Name = "GLF0000002"
        User-Password = "example"
        NAS-IP-Address = 194.126.63.86
        NAS-Port-Id = "32"
        NAS-Port-Type = Async
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Proxy-State = 0x30303164
rlm_sql (sql): Reserving sql socket id: 4
rlm_sql_mysql: query: SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE Username = 'GLF0000002' ORDER BY id rlm_sql_mysql: query: SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'GLF0000002' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id rlm_sql_mysql: query: SELECT id, UserName, Attribute, Value, op FROM radreply WHERE Username = 'GLF0000002' ORDER BY id rlm_sql_mysql: query: SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'GLF0000002' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id rlm_sql (sql): No matching entry in the database for request from user [GLF0000002]
rlm_sql (sql): Released sql socket id: 4
Re-sending Access-Request of id 33 to 194.54.234.234:1814
        Acct-Session-Id = "6000006B"
        User-Name = "[EMAIL PROTECTED]"
User-Password = "\291\246\352\320\006\303p\316\230\n%\353\255\202J\341"
        Group = "default"
        NAS-IP-Address = 194.126.63.86
        NAS-Port-Id = "32"
        NAS-Port-Type = Async
        Service-Type = Framed-User
        Framed-Protocol = PPP
rad_recv: Access-Request packet from host 194.54.234.234:1814, id=29, length=94
Sending Access-Reject of id 29 to 194.54.234.234:1814
        Proxy-State = 0x30303164
rad_recv: Access-Reject packet from host 194.54.234.234:1814, id=33, length=54
        Reply-Message = "Proxied request"
        Reply-Message = "Proxied request"




Here are the querries from above. They all work:


mysql> SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE Username = 'GLF0000002' ORDER BY id;
+-------+------------+-----------------+---------------+----+
| id    | UserName   | Attribute       | Value         | op |
+-------+------------+-----------------+---------------+----+
| 60647 | GLF0000002 | Crypt-Password  | SMVdbmrqLzh2A | == |
| 60648 | GLF0000002 | Session-Timeout | 7200          | == |
+-------+------------+-----------------+---------------+----+
2 rows in set (0.00 sec)

mysql> SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'GLF0000002' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id;
+----+-----------+------------------+-------------+----+
| id | GroupName | Attribute        | Value       | op |
+----+-----------+------------------+-------------+----+
|  1 | default   | Auth-Type        | Pap         | := |
|  2 | default   | Service-Type     | Framed-User | := |
|  3 | default   | Framed-Protocol  | PPP         | := |
|  4 | default   | Simultaneous-Use | 1           | := |
+----+-----------+------------------+-------------+----+
4 rows in set (0.00 sec)

mysql> SELECT id, UserName, Attribute, Value, op FROM radreply WHERE Username = 'GLF0000002' ORDER BY id;
+----+------------+------------------+-------+----+
| id | UserName   | Attribute        | Value | op |
+----+------------+------------------+-------+----+
| 11 | GLF0000002 | Simultaneous-Use | 1     | := |
+----+------------+------------------+-------+----+
1 row in set (0.00 sec)

mysql> SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'GLF0000002' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id;
+----+-----------+-------------------+-----------------+----+
| id | GroupName | Attribute         | Value           | op |
+----+-----------+-------------------+-----------------+----+
|  2 | default   | Framed-Protocol   | PPP             | := |
|  3 | default   | Service-Type      | Framed-User     | := |
|  4 | default   | Framed-MTU        | 1500            | := |
|  5 | default   | Simultaneous-Use  | 1               | := |
|  6 | default   | Framed-IP-Netmask | 255.255.255.255 | := |
|  7 | default   | Idle-Timeout      | 900             | := |
+----+-----------+-------------------+-----------------+----+
6 rows in set (0.01 sec)




--
Bill Schoolfield
Vice President, BillMax
[EMAIL PROTECTED]
877.245.5629 (USA toll free)
817.446.7776 (International)
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to