Dear radius gurus, I am trying to setup radius for mysql auth, but I altough the db tables seems to be ok, I cannot auth the users.
Any help will be welcome! Thanks in advance! here is what I am trying: [EMAIL PROTECTED] raddb]# radtest anavc 2572ava localhost:1645 0 teste Sending Access-Request of id 139 to 127.0.0.1:1645 User-Name = "anavc" User-Password = "2572ava" NAS-IP-Address = intranet NAS-Port = 0 Re-sending Access-Request of id 139 to 127.0.0.1:1645 User-Name = "anavc" User-Password = "\027\257\363\336\323t\270\301\252\320S\213\032y\350\371" NAS-IP-Address = intranet NAS-Port = 0 rad_recv: Access-Reject packet from host 127.0.0.1:1645, id=139, length=20 [EMAIL PROTECTED] raddb]# ------------------------------------------------------------------------------------------------------------------------------------------------------------- radiusd -X says: Ready to process requests. rad_recv: Access-Request packet from host 127.0.0.1:54564, id=171, length=57 User-Name = "anavc" User-Password = "2572ava" NAS-IP-Address = 255.255.255.255 NAS-Port = 0 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: No '@' in User-Name = "anavc", looking up realm NULL rlm_realm: Found realm "NULL" rlm_realm: Adding Stripped-User-Name = "anavc" rlm_realm: Proxying request from user anavc to realm NULL rlm_realm: Adding Realm = "NULL" rlm_realm: Authentication realm is LOCAL. modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 0 users: Matched DEFAULT at 173 modcall[authorize]: module "files" returns ok for request 0 radius_xlat: 'anavc' rlm_sql (sql): sql_set_user escaped user --> 'anavc' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'anavc' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 3 rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'anavc' ORDER BY id radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'anavc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' rlm_sql_mysql: query: SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'anavc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'anavc' ORDER BY id' rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'anavc' ORDER BY id radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'anavc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql_mysql: query: SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'anavc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id rlm_sql (sql): No matching entry in the database for request from user [anavc] rlm_sql (sql): Released sql socket id: 3 modcall[authorize]: module "sql" returns notfound for request 0 modcall: group authorize returns ok for request 0 rad_check_password: Found Auth-Type System auth: type "System" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 0 modcall[authenticate]: module "unix" returns notfound for request 0 modcall: group authenticate returns notfound for request 0 auth: Failed to validate the user. Login incorrect: [anavc/2572ava] (from client localhost port 0) rad_lowerpair: Stripped-User-Name now 'anavc' rad_lowerpair: User-Password now '2572ava' rad_rmspace_pair: Stripped-User-Name now 'anavc' rad_rmspace_pair: User-Password now '2572ava' Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: Request already proxied. Ignoring. modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 0 users: Matched DEFAULT at 173 modcall[authorize]: module "files" returns ok for request 0 radius_xlat: 'anavc' rlm_sql (sql): sql_set_user escaped user --> 'anavc' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'anavc' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 2 rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'anavc' ORDER BY id radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'anavc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' rlm_sql_mysql: query: SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'anavc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'anavc' ORDER BY id' rlm_sql_mysql: query: SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'anavc' ORDER BY id radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'anavc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql_mysql: query: SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'anavc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id rlm_sql (sql): No matching entry in the database for request from user [anavc] rlm_sql (sql): Released sql socket id: 2 modcall[authorize]: module "sql" returns notfound for request 0 modcall: group authorize returns ok for request 0 rad_check_password: Found Auth-Type System auth: type "System" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 0 modcall[authenticate]: module "unix" returns notfound for request 0 modcall: group authenticate returns notfound for request 0 auth: Failed to validate the user. Login incorrect: [anavc/2572ava] (from client localhost port 0) Delaying request 0 for 2 seconds Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 2 seconds... --- Walking the entire request list --- Waking up in 2 seconds... ------------------------------------------------------------------------------------------------------------------------------------------------------------- when I run the queries by hand: mysql> SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'anavc' ORDER BY id; +----+----------+---------------+---------+----+ | id | UserName | Attribute | Value | op | +----+----------+---------------+---------+----+ | 4 | anavc | User-Password | 2572ava | == | +----+----------+---------------+---------+----+ 1 row in set (0.02 sec) mysql> SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'anavc' ORDER BY id; +----+----------+---------------+---------+----+ | id | UserName | Attribute | Value | op | +----+----------+---------------+---------+----+ | 4 | anavc | User-Password | 2572ava | == | +----+----------+---------------+---------+----+ 1 row in set (0.00 sec) mysql> SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'anavc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id; +----+-----------+------------------+-------+----+ | id | GroupName | Attribute | Value | op | +----+-----------+------------------+-------+----+ | 1 | dialup | Auth-Type | Local | == | | 2 | dialup | Simultaneous-Use | 1 | == | +----+-----------+------------------+-------+----+ 2 rows in set (0.00 sec) mysql> SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'anavc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id; +----+-----------+------------------+-------+----+ | id | GroupName | Attribute | Value | op | +----+-----------+------------------+-------+----+ | 1 | dialup | Auth-Type | Local | == | | 2 | dialup | Simultaneous-Use | 1 | == | +----+-----------+------------------+-------+----+ 2 rows in set (0.00 sec) mysql> SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'anavc' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id; +----+-----------+------------------+-------+----+ | id | GroupName | Attribute | Value | op | +----+-----------+------------------+-------+----+ | 1 | dialup | Auth-Type | Local | == | | 2 | dialup | Simultaneous-Use | 1 | == | +----+-----------+------------------+-------+----+ 2 rows in set (0.00 sec) mysql> SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'anavc' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id; +----+-----------+--------------------+---------------------+----+ | id | GroupName | Attribute | Value | op | +----+-----------+--------------------+---------------------+----+ | 27 | dialup | Framed-IP-Address | 255.255.255.254 | == | | 28 | dialup | Framed-Compression | Van-Jacobson-TCP-IP | == | | 29 | dialup | Framed-IP-Netmask | 255.255.255.255 | == | | 30 | dialup | Framed-MTU | 576 | == | | 31 | dialup | Idle-Timeout | 900 | := | +----+-----------+--------------------+---------------------+----+ 5 rows in set (0.03 sec) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html