Thanks to your patience Alan, I have resolved !!!!!!!!!!!!!!!
I have reinstalled freeradius.
The errors was in radiusd.conf.
Sorry but I did not know that for any modify in users file it was needed
restart radiusd :-(
The others old files do not give errors.
I haved included the difference between the bad radiusd.conf file and the good
(my new) radiusd.conf file.
20c20,21
< bind_address = *
---
54,84c55,60
< pap {
< encryption_scheme = crypt
< }
< chap {
< authtype = CHAP
< }
< pam {
< pam_auth = radiusd
< }
< unix {
< cache = no
< cache_reload = 600
< shadow = /etc/shadow
< radwtmp = ${logdir}/radwtmp
< }
< $INCLUDE ${confdir}/eap.conf
< mschap {
< authtype = MS-CHAP
< }
< ldap {
< server = "ldap.your.domain"
< basedn = "o=My Org,c=UA"
< filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
< start_tls = no
< access_attr = "dialupAccess"
< dictionary_mapping = ${raddbdir}/ldap.attrmap
< ldap_connections_number = 5
< timeout = 4
< timelimit = 3
< net_timeout = 1
< }
---
> #$INCLUDE ${confdir}/eap.conf
> eap {
> default_eap_type = md5
> md5 {
> }
> }
136c112
< $INCLUDE ${confdir}/postgresql.conf
---
> $INCLUDE ${confdir}/sql.conf
173a150
>
175a153
>
177a156,157
>
> preprocess
182,197d161
< exec echo {
< wait = yes
< program = "/bin/echo %{User-Name}"
< input_pairs = request
< output_pairs = reply
< }
< ippool main_pool {
< range-start = 192.168.1.1
< range-stop = 192.168.3.254
< netmask = 255.255.255.0
< cache-size = 800
< session-db = ${raddbdir}/db.ippool
< ip-index = ${raddbdir}/db.ipindex
< override = no
< maximum-timeout = 0
< }
205,207d168
< chap
< mschap
< suffix
209,210d169
< files
< sql
213,222d171
< Auth-Type PAP {
< pap
< }
< Auth-Type CHAP {
< chap
< }
< Auth-Type MS-CHAP {
< mschap
< }
< unix
225a175
> files
233d182
< unix
234a184
> sql
237a188
> sql
239a191
> sql
244d195
Good year to all the participants to the mailing-list!!!!!!!!!!!!!!!
BYE
On Thu, Dec 29, 2005 at 02:22:19AM -0500, Alan DeKok wrote:
> From: "Alan DeKok" <[EMAIL PROTECTED]>
> To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org>
> Date: Thu, 29 Dec 2005 02:22:19 -0500
> Subject: Re: EAP-MD5 Authentication problem
>
> Marco Spiga <[EMAIL PROTECTED]> wrote:
> > However as soon as installed freeradius I have tried radtest and it worked
> > well, also whith users inserted in
> > radcheck table of postgresql and authentication EAP MD5 has not never
> > worked.
>
> The entry in the "users" file isn't being matched because you edited
> radiusd.conf, and broke the server.
>
> > modcall: entering group authorize for request 0
> > modcall[authorize]: module "preprocess" returns ok for request 0
> > rlm_eap: EAP packet type response id 210 length 9
> > rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
> > modcall[authorize]: module "eap" returns updated for request 0
> > modcall: group authorize returns updated for request 0
>
> See? There's no mention of the "files" module, or that any entry in
> the "users" file was matched. So you can edit the "users" file
> forever, and it won't affect anything... because *you* told the server
> to not look at the "users" file.
>
> > # eap sets the authenticate type as EAP
> > authorize {
> > ...
> > eap
> > }
>
> And rather than quoting your exact "authorize" section, you've
> edited it.
>
> Since I can read the debug output, I can tell what you've done. But
> by editing the "radiusd.conf" pieces you quoted, you've gone out of
> your way to make it more difficult for anyone to be able to help you.
>
> In short, if you don't know what the entries in "radiusd.conf" do,
> DON'T EDIT THEM. The default configuration is set up that way for a
> reason. IT WORKS.
>
> If you had used the default configuration, the "users" file entry
> would have worked as I said. But because you edited the default
> configuration (and didn't say you edited it), you broke it, and the
> "users" fil entry didn't work.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
---fine del testo---
--
!!!!! Messaggio da Marco !!!!!
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
