Thanks to your patience Alan, I have resolved !!!!!!!!!!!!!!! I have reinstalled freeradius. The errors was in radiusd.conf. Sorry but I did not know that for any modify in users file it was needed restart radiusd :-( The others old files do not give errors.
I haved included the difference between the bad radiusd.conf file and the good (my new) radiusd.conf file. 20c20,21 < bind_address = * --- 54,84c55,60 < pap { < encryption_scheme = crypt < } < chap { < authtype = CHAP < } < pam { < pam_auth = radiusd < } < unix { < cache = no < cache_reload = 600 < shadow = /etc/shadow < radwtmp = ${logdir}/radwtmp < } < $INCLUDE ${confdir}/eap.conf < mschap { < authtype = MS-CHAP < } < ldap { < server = "ldap.your.domain" < basedn = "o=My Org,c=UA" < filter = "(uid=%{Stripped-User-Name:-%{User-Name}})" < start_tls = no < access_attr = "dialupAccess" < dictionary_mapping = ${raddbdir}/ldap.attrmap < ldap_connections_number = 5 < timeout = 4 < timelimit = 3 < net_timeout = 1 < } --- > #$INCLUDE ${confdir}/eap.conf > eap { > default_eap_type = md5 > md5 { > } > } 136c112 < $INCLUDE ${confdir}/postgresql.conf --- > $INCLUDE ${confdir}/sql.conf 173a150 > 175a153 > 177a156,157 > > preprocess 182,197d161 < exec echo { < wait = yes < program = "/bin/echo %{User-Name}" < input_pairs = request < output_pairs = reply < } < ippool main_pool { < range-start = 192.168.1.1 < range-stop = 192.168.3.254 < netmask = 255.255.255.0 < cache-size = 800 < session-db = ${raddbdir}/db.ippool < ip-index = ${raddbdir}/db.ipindex < override = no < maximum-timeout = 0 < } 205,207d168 < chap < mschap < suffix 209,210d169 < files < sql 213,222d171 < Auth-Type PAP { < pap < } < Auth-Type CHAP { < chap < } < Auth-Type MS-CHAP { < mschap < } < unix 225a175 > files 233d182 < unix 234a184 > sql 237a188 > sql 239a191 > sql 244d195 Good year to all the participants to the mailing-list!!!!!!!!!!!!!!! BYE On Thu, Dec 29, 2005 at 02:22:19AM -0500, Alan DeKok wrote: > From: "Alan DeKok" <[EMAIL PROTECTED]> > To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> > Date: Thu, 29 Dec 2005 02:22:19 -0500 > Subject: Re: EAP-MD5 Authentication problem > > Marco Spiga <[EMAIL PROTECTED]> wrote: > > However as soon as installed freeradius I have tried radtest and it worked > > well, also whith users inserted in > > radcheck table of postgresql and authentication EAP MD5 has not never > > worked. > > The entry in the "users" file isn't being matched because you edited > radiusd.conf, and broke the server. > > > modcall: entering group authorize for request 0 > > modcall[authorize]: module "preprocess" returns ok for request 0 > > rlm_eap: EAP packet type response id 210 length 9 > > rlm_eap: No EAP Start, assuming it's an on-going EAP conversation > > modcall[authorize]: module "eap" returns updated for request 0 > > modcall: group authorize returns updated for request 0 > > See? There's no mention of the "files" module, or that any entry in > the "users" file was matched. So you can edit the "users" file > forever, and it won't affect anything... because *you* told the server > to not look at the "users" file. > > > # eap sets the authenticate type as EAP > > authorize { > > ... > > eap > > } > > And rather than quoting your exact "authorize" section, you've > edited it. > > Since I can read the debug output, I can tell what you've done. But > by editing the "radiusd.conf" pieces you quoted, you've gone out of > your way to make it more difficult for anyone to be able to help you. > > In short, if you don't know what the entries in "radiusd.conf" do, > DON'T EDIT THEM. The default configuration is set up that way for a > reason. IT WORKS. > > If you had used the default configuration, the "users" file entry > would have worked as I said. But because you edited the default > configuration (and didn't say you edited it), you broke it, and the > "users" fil entry didn't work. > > Alan DeKok. > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html ---fine del testo--- -- !!!!! Messaggio da Marco !!!!! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html