-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Thibault Le Meur ha scritto: > >> -----Message d'origine----- >> De : >> [EMAIL PROTECTED] >> radius.org >> [mailto:[EMAIL PROTECTED] >> sts.freeradius.org] De la part de peppeska >> Envoyé : mercredi 21 mars 2007 13:44 >> À : FreeRadius users mailing list >> Objet : Re: freeradius, ldap error - HELP ME! >> >> >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> Michael Mitchell ha scritto: >>> peppeska wrote: >>>>>> rad_recv: Access-Request packet from host 127.0.0.1:1030, id=65, >>>>>> length=54 >>> ^^^^^^^^^^ >>> >>>>>> ->Where is User-Password attribute? >>>>> Ask the NAS. >>>>> >>>> what? >>>> >>> In this case I have a suspicion the "NAS" could be radclient... >>> >>> How are you sending requests to freeRADIUS? >>> >> Freeradius recive request from pppoe-server, I try to connect >> to pppoe-server from a linux box > > > Is your pppoe-server a linux server ? > Is your pppoe client or pppoe server configured to use ms-chap > authentication ? > > If your pppoe server is a linux box, have you checked that the radiusclient > library contains the microsoft dictionnary as I described in my previous > email ?
Thibault Le Meur ha scritto: >> >> But the output now is: >> >> >> >> rad_recv: Access-Request packet from host 127.0.0.1:1030, >> >> id=65, length=54 >> >> Service-Type = Framed-User >> >> Framed-Protocol = PPP >> >> User-Name = "peppeska" >> >> NAS-IP-Address = 127.0.0.1 >> >> NAS-Port = 0 >> >> >> >> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ >> >> - ->Where is User-Password attribute? >> >> - ------------------------------------------------ > > > > A good question indeed, that one should be asked to your NAS ;-) > > > > It's up to the NAS to send User-Password: unless it is setup to do something > > else (for instance MSCHAP). > > > > Have you setup ppp to use mschap (require-mschap-v2 option) ? > > Are you using the radiusclient library ? refuse-pap refuse-chap require-mschap require-mschap-v2 require-mppe > > > > If yes, could you check that you radiusclient dictionnary file includes > > Microsoft attributes: > > * check the "dictionary <path-to-dict-file>" line of > > /etc/radiusclient-ng/radiusclient.conf file (or > > /etc/radiusclient/radiusclient.conf file) > > * check that the file <path-to-dict-file> contains a reference to other > > dictionnary files such as: > > INCLUDE /usr/share/radiusclient-ng/dictionary.merit > > INCLUDE /usr/share/radiusclient-ng/dictionary.microsoft > > * check that you have these 2 extra dictionnary files (especially the > > microsoft one) > > ==> I've attached the two files in my radiusclient.conf there is: # dictionary of allowed attributes and values # just like in the normal RADIUS distributions dictionary /etc/radiusclient/dictionary and in the dictonary file: $INCLUDE /etc/radiusclient/dictionary.microsoft $INCLUDE /etc/radiusclient/dictionary.ascend $INCLUDE /etc/radiusclient/dictionary.compat $INCLUDE /etc/radiusclient/dictionary.merit $INCLUDE /usr/share/freeradius/dictionary But... whitout declaretion of Default Auth-Type in the users file: rlm_ldap: user peppeska authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns ok for request 0 modcall: leaving group authorize (returns ok) for request 0 auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user auth: Failed to validate the user. Login incorrect: [peppeska/<no User-Password attribute>] (from client localhost port 0) Delaying request 0 for 1 seconds Finished request 0 - -- <<<<---------------------------------------------------------->>>> |Giuseppe Moscato aka peppeska - Linux User - no html messages---| |[EMAIL PROTECTED] - http://peppeska.altervista.org------| |Fingerprint = 90DC 05A8 2D65 BC04 BD1B 4C07 C389 434B 3201 319D| <<<<---------------------------------------------------------->>>> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGATavkA6hcnFZI/YRAtO2AKCvLofpLFkKzqJ3pHWgCB5WfU+PZQCdFCKU 5BM2fsuNTyacCHdX5z6hCjA= =y9bX -----END PGP SIGNATURE----- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html