in radiusd.conf: authorize { auth_log sql } authenticate { }
in sql.conf: sql_user_name = "%{Calling-Station-Id}" authorize_check_query = "SELECT id, UserName, Attribute, Value, op \ FROM ${authcheck_table} \ WHERE UserName = '%{SQL-User-Name}' AND User='%{User-Name}' \ ORDER BY id" /usr/local/sbin/radiusd -X show me: Listening on authentication XXX.XX.XX.XX:1812 Listening on accounting XXX.XX.XX.XX:1813 Ready to process requests. rad_recv: Access-Request packet from host XXX.XX.XX.XX:1812, id=190, length=117 NAS-Identifier = "mynas2" User-Name = "test" User-Password = "testpass" NAS-IP-Address = XXX.XX.XX.XX NAS-Port-Type = Virtual Called-Station-Id = "1000" Calling-Station-Id = "3339999999" Acct-Session-Id = "d45d6126058adce5" Acct-Multi-Session-Id = "d45d612600010610" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 radius_xlat: '/usr/local/var/log/radius/radacct/auth-detail.log' rlm_detail: /usr/local/var/log/radius/radacct/auth-detail.log expands to /usr/local/var/log/radius/radacct/auth-detail.log modcall[authorize]: module "auth_log" returns ok for request 0 radius_xlat: '3339999999' rlm_sql (sql): sql_set_user escaped user --> '3339999999' radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE UserName = '3339999999' AND User='test' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 4 radius_xlat: '' radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM radreply WHERE UserName = 'secondtest' ORDER BY id' radius_xlat: '' rlm_sql (sql): Released sql socket id: 4 rlm_sql (sql): No matching entry in the database for request from user [3339999999] modcall[authorize]: module "sql" returns notfound for request 0 modcall: leaving group authorize (returns ok) for request 0 auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user auth: Failed to validate the user. Login incorrect: [test/testpass] (from client mynas2 port 0 cli 3339999999) Sending Access-Reject of id 190 to XXX.XX.XX.XX port 1812 Finished request 0 So, select from database: mysql> SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE UserName = '3339999999' AND User='test' ORDER BY id; +-----+------------+-------------------+--------+----+ | id | UserName | Attribute | Value | op | +-----+------------+-------------------+--------+----+ | 1 | 3339999999 | Auth-Type | Accept | := | | 37 | 3339999999 | User-Password | 378b243e220ca493 | == | | 73 | 3339999999 | User-Name | test | == | | 109 | 3339999999 | Called-Station-Id | 1000 | == | +-----+------------+-------------------+--------+----+ 4 rows in set (0.58 sec) ------------------------------------ As I understand, radius cannot understand crypted "User-Password" (by mysql function "password"). Is it possible to slide over it? How to do it, can someone give advice? ------------------------------------------------------------------------------- http://www.one.lv - Tavs mobilais e-pasts! Tagad lasi savu e-pastu ar mobilo telefonu - wap.one.lv! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html